Microsoft Sentinel content hub catalog

Solutions in Microsoft Sentinel provide a consolidated way to acquire Microsoft Sentinel content, like data connectors, workbooks, analytics, and automation, in your workspace with a single deployment step.

This article lists the domain-specific out-of-the-box (built-in) and on-demand solutions available for you to deploy in your workspace. For the full list of solutions in Microsoft Sentinel, see Azure Marketplace.

When you deploy a solution, the security content included with the solution, such as data connectors, playbooks, or workbooks, is available in the relevant views for the content. For more information, see Centrally discover and deploy Microsoft Sentinel out-of-the-box content and solutions.

Important

The Microsoft Sentinel content hub experience is currently in PREVIEW, as are all individual solution packages. See the Supplemental Terms of Use for Microsoft Azure Previews for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.

Domain solutions

| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Attacker Tools Threat Protection Essentials | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
| Azure Security Benchmark | Workbooks, analytic rules, playbooks | Compliance, Security - Automation (SOAR), Security - Cloud Security | Microsoft |
| Cloud Identity Threat Protection Essentials | Analytic rules, hunting queries | Security - Cloud Security, Security - Threat Protection | Microsoft |
| Cloud Service Threat Protection Essentials | Hunting queries | Security - Cloud Security, Security - Threat Protection | Microsoft |
| Cybersecurity Maturity Model Certification (CMMC) 2.0 | Analytics rules, workbook, playbook | Compliance | Microsoft |
| Deception Honey Tokens | Workbooks, analytics rules, playbooks | Security - Threat Protection | Microsoft Sentinel community |
| Dev 0270 Detection and Hunting | Analytic rules | Security - Threat Protection | Microsoft |
| Dev-0537 Detection and Hunting | | Security - Threat Protection | Microsoft |
| DNS Essentials Solution | Analytics rules, hunting queries, playbooks, workbook | Security - Network | Microsoft |
| Endpoint Threat Protection Essentials | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
| Legacy IOC based Threat Protection | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
| Log4j Vulnerability Detection | Workbooks, analytic rules, hunting queries, watchlists, playbooks | Application, Security - Automation (SOAR), Security - Threat Protection, Security - Vulnerability Management | Microsoft |
| Microsoft Defender for IoT | Analytics rules, playbooks, workbook | Internet of Things (IoT), Security - Threat Protection | Microsoft |
| Maturity Model for Event Log Management M2131 | Analytics rules, hunting queries, playbooks, workbook | Compliance | Microsoft |
| Microsoft 365 Insider Risk Management (IRM) | Data connector, workbook, analytics rules, hunting queries, playbook | Security - Insider threat | Microsoft |
| Network Session Essentials | Analytics rules, hunting queries, playbooks, workbook | Security - Network | Microsoft |
| Network Threat Protection Essentials | Analytic rules, hunting queries | Security - Network, Security - Threat Protection | Microsoft |
| NIST SP 800-53 | Workbooks, analytic rules, playbooks | Security - Threat Protection | Microsoft |
| PCI DSS Compliance | Workbook | Compliance | Microsoft |
| Security Threat Essentials | Analytic rules, Hunting queries | Security - Others | Microsoft |
| SOAR Essentials | Playbooks | Security - Automation (SOAR) | Microsoft |
| SOC Handbook | Workbooks | Security - Others | Microsoft Sentinel community |
| SOC Process Framework | Workbooks, watchlists, playbooks | Security - Cloud Security | Microsoft |
| Threat Analysis Response | Workbooks | Compliance, Security - Others, Security - Threat Protection | Microsoft |
| UEBA Essentials | Hunting queries | Security - Insider Threat, User Behavior (UEBA) | Microsoft |
| Zero Trust (TIC 3.0) | Analytics rules, playbook, workbooks | Compliance, Identity, Security - Others | Microsoft |
| ZINC Open Source Threat Protection | Analytic rules | Security - Threat Intelligence | Microsoft |

All Microsoft Sentinel solutions

For the full list of solutions in Microsoft Sentinel, see Azure Marketplace.
