Msticpy - A Python Defender Tool For Security Investigations & Hunting

Microsoft Threat Intelligence Python Security Tools

The msticpy package was initially developed to support Jupyter Notebook authoring for Azure Sentinel. Many of the included tools can be used in other security scenarios for threat hunting and threat investigation. There are three main sub-packages:

  • sectools - Python security tools to help with data analysis or investigation
  • nbtools - Jupyter-specific UI tools such as widgets and data display
  • data - data interfaces specific to Sentinel/Log Analytics

Installing

pip install msticpy

or, to install directly from the GitHub repository:

pip install git+https://github.com/microsoft/msticpy
