Microsoft Sentinel content hub catalog
Solutions in Microsoft Sentinel provide a consolidated way to acquire Microsoft Sentinel content, like data connectors, workbooks, analytics, and automation, in your workspace with a single deployment step.
This article helps you find the full list of the solutions available in Microsoft Sentinel. This article also lists the domain-specific out-of-the-box (built-in) and on-demand solutions available for you to deploy in your workspace.
When you deploy a solution, the security content included with the solution, such as data connectors, playbooks, or workbooks, is available in the relevant views for the content. For more information, see Centrally discover and deploy Microsoft Sentinel out-of-the-box content and solutions.
Important
Microsoft Sentinel is available as part of the unified security operations platform in the Microsoft Defender portal. Microsoft Sentinel in the Defender portal is now supported for production use. For more information, see Microsoft Sentinel in the Microsoft Defender portal.
All solutions for Microsoft Sentinel
To get the full list of all solutions available in Microsoft Sentinel, see the Azure Marketplace. Search for a specific product solution or provider. Filter by Product Type = Solution Templates to see solutions for Microsoft Sentinel.
Domain solutions
The following table lists the domain-specific out-of-the-box (built-in) and on-demand solutions available for you to deploy in your workspace.
Name | Includes | Categories | Supported by |
---|---|---|---|
Attacker Tools Threat Protection Essentials | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
Azure Security Benchmark | Workbooks, analytic rules, playbooks | Compliance, Security - Automation (SOAR), Security - Cloud Security | Microsoft |
Cloud Identity Threat Protection Essentials | Analytic rules, hunting queries | Security - Cloud Security, Security - Threat Protection | Microsoft |
Cloud Service Threat Protection Essentials | Hunting queries | Security - Cloud Security, Security - Threat Protection | Microsoft |
Cybersecurity Maturity Model Certification (CMMC) 2.0 | Analytics rules, workbook, playbook | Compliance | Microsoft |
Deception Honey Tokens | Workbooks, analytics rules, playbooks | Security - Threat Protection | Microsoft Sentinel community |
Dev 0270 Detection and Hunting | Analytic rules | Security - Threat Protection | Microsoft |
Dev-0537 Detection and Hunting | | Security - Threat Protection | Microsoft |
DNS Essentials Solution | Analytics rules, hunting queries, playbooks, workbook | Security - Network | Microsoft |
Endpoint Threat Protection Essentials | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
Legacy IOC based Threat Protection | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
Log4j Vulnerability Detection | Workbooks, analytic rules, hunting queries, watchlists, playbooks | Application, Security - Automation (SOAR), Security - Threat Protection, Security - Vulnerability Management | Microsoft |
Microsoft Defender for IoT | Analytics rules, playbooks, workbook | Internet of Things (IoT), Security - Threat Protection | Microsoft |
Maturity Model for Event Log Management M2131 | Analytics rules, hunting queries, playbooks, workbook | Compliance | Microsoft |
Microsoft 365 Insider Risk Management (IRM) | Data connector, workbook, analytics rules, hunting queries, playbook | Security - Insider threat | Microsoft |
Network Session Essentials | Analytics rules, hunting queries, playbooks, workbook | Security - Network | Microsoft |
Network Threat Protection Essentials | Analytic rules, hunting queries | Security - Network, Security - Threat Protection | Microsoft |
NIST SP 800-53 | Workbooks, analytic rules, playbooks | Security - Threat Protection | Microsoft |
PCI DSS Compliance | Workbook | Compliance | Microsoft |
Security Threat Essentials | Analytic rules, Hunting queries | Security - Others | Microsoft |
SOAR Essentials | Playbooks | Security - Automation (SOAR) | Microsoft |
SOC Handbook | Workbooks | Security - Others | Microsoft Sentinel community |
SOC Process Framework | Workbooks, watchlists, playbooks | Security - Cloud Security | Microsoft |
Threat Analysis Response | Workbooks | Compliance, Security - Others, Security - Threat Protection | Microsoft |
UEBA Essentials | Hunting queries | Security - Insider Threat, User Behavior (UEBA) | Microsoft |
Web Session Essentials | Analytics rules, hunting query, playbook, workbook | Security - Network | Microsoft |
Zero Trust (TIC 3.0) | Analytics rules, playbook, workbooks | Compliance, Identity, Security - Others | Microsoft |
ZINC Open Source Threat Protection | Analytic rules | Security - Threat Intelligence | Microsoft |
Next steps
- Learn more about Microsoft Sentinel Solutions.
- Find and deploy Microsoft Sentinel Solutions.