msticpy

MSTICPy v2.17.0 released - new RRCF outlier detection - AWS extension for Prisma Cloud AWS - Update Defender Auth to OAuth v2 and fix bugs - Python 3.12 support More details here github.com/microsoft/msti… @msticpy

MSTICPy 2.11.0 released This minor release includes: - Better handling of large/split queries for MS Sentinel - Updated support for installing MSTICPy in a Conda environment - Updates for future pandas support github.com/microsoft/msti…

New versions of MSTICPy and MSTIC Notebooklets released: github.com/microsoft/msti… github.com/microsoft/msti…

thx to contributors @PeteABryan Joey Dreyer, Chis Cianelli, Florian Bracq and 2xyo

MSTICPY 2.9.0 released Includes new Threat Intel provider IPQualityScore and updated M365D to use MS Graph API for hunting queries. Fixes to startup, Synapse compat issues, Entities and more. See the release notes for a full rundown github.com/microsoft/msti…

MSTICPy v2.8.0 released. Stability release - with several important fixes: - MS Sentinel failure when connecting using a connection string - Using supported method for multi-cloud Azure endpoints - Using msticpy in isolated environments.

MSTICPy 2.7.0 release - 2 new threat intel providers for CrowdSec and AbuseIPDB - New MS Sentinel and Kusto drivers now the defaults - Query file editor for MSTICPy template queries - Azure auth fixes for MicrosoftSentinel More details github.com/microsoft/msti…

@T_8ase is going to present about @msticpy at the SANS DFIR Japan, check this out if you are around 🤩 Cc: @ianhellen

MSTICPy 2.6.0 released - Parallel queries for multiple instances of MS Sentinel workspaces and Kusto clusters - Parallel split queries (large time-range queries divided by smaller time periods) - Velociraptor data provider for querying exported data sets github.com/microsoft/msti…

... continued * Panel tabulator now supported as default data viewer (see panel.holoviz.org/reference/widg…) These are described more fully in the release notes and (mostly) in the updated docs msticpy.readthedocs.io/en/latest/inde…

MSTICPy 2.5.0 released * New Sentinel and Kusto drivers with parallel queries, proxy and user-defined timeouts. * Plugin framework for MSTICPy data/TI/context providers * Import Sentinel hunting and detection queries * OSQuery data provider ... github.com/microsoft/msti…

Had a report that the search in MSTICPy ReadtheDocs was broken (apparently broken for a while due to a bug in the ReadTheDocs template. Happy to report that this is now fixed. msticpy.readthedocs.io

🚨 #MSTICPy has just merged a new PR to main! ashwin-patil added the PR - Read the docs update for Managed spark installation github.com/microsoft/msti… #python #MSTIC #infosec

🚨 #MSTICPy has just merged a new PR to main! petebryan added the PR - Updated Sentinel incident docs to reflect filtering options github.com/microsoft/msti… #python #MSTIC #infosec

MSTICPy v2.4.0 released - New Pulsedrive TI module - Process tree updates (inc FireEye HX compat) - Bokeh 3.0 support - Improved diagnostics/logging - Fixes to Azure auth, Sentinel APIs and more. github.com/microsoft/msti…

🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - Reverting to bokeh version 2.4.3 for default install github.com/microsoft/msti… #python #MSTIC #infosec

🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - Misc updates for 2.3.2 release: github.com/microsoft/msti… #python #MSTIC #infosec

🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - Adding data query paths test for DEX support github.com/microsoft/msti… #python #MSTIC #infosec

🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - ProcTree and init_notebook fixes github.com/microsoft/msti… #python #MSTIC #infosec

🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - Adding logging and updating settings access github.com/microsoft/msti… #python #MSTIC #infosec