Microsoft Sentinel content hub catalog
Solutions in Microsoft Sentinel provide a consolidated way to acquire Microsoft Sentinel content, like data connectors, workbooks, analytics, and automation, in your workspace with a single deployment step.
This article lists the domain-specific out-of-the-box (built-in) and on-demand solutions available for you to deploy in your workspace. For the full list of solutions in Microsoft Sentinel, see Azure Marketplace.
When you deploy a solution, the security content included with the solution, such as data connectors, playbooks, or workbooks, are available in the relevant views for the content. For more information, see Centrally discover and deploy Microsoft Sentinel out-of-the-box content and solutions.
Important
The Microsoft Sentinel content hub experience is currently in PREVIEW, as are all individual solution packages. See the Supplemental Terms of Use for Microsoft Azure Previews for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
Domain solutions
| Name | Includes | Categories | Supported by |
|---|---|---|---|
| Attacker Tools Threat Protection Essentials | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
| Azure Security Benchmark | Workbooks, analytic rules, playbooks | Compliance, Security - Automation (SOAR), Security - Cloud Security | Microsoft |
| Cloud Identity Threat Protection Essentials | Analytic rules, hunting queries | Security - Cloud Security, Security - Threat Protection | Microsoft |
| Cloud Service Threat Protection Essentials | Hunting queries | Security - Cloud Security, Security - Threat Protection | Microsoft |
| Cybersecurity Maturity Model Certification (CMMC) 2.0 | Analytics rules, workbook, playbook | Compliance | Microsoft |
| Deception Honey Tokens | Workbooks, analytics rules, playbooks | Security - Threat Protection | Microsoft Sentinel community |
| Dev 0270 Detection and Hunting | Analytic rules | Security - Threat Protection | Microsoft |
| Dev-0537 Detection and Hunting | Security - Threat Protection | Microsoft | |
| DNS Essentials Solution | Analytics rules, hunting queries, playbooks, workbook | Security - Network | Microsoft |
| Endpoint Threat Protection Essentials | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
| Legacy IOC based Threat Protection | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
| Log4j Vulnerability Detection | Workbooks, analytic rules, hunting queries, watchlists, playbooks | Application, Security - Automation (SOAR), Security - Threat Protection, Security - Vulnerability Management | Microsoft |
| Microsoft Defender for IoT | Analytics rules, playbooks, workbook | Internet of Things (IoT), Security - Threat Protection | Microsoft |
| Maturity Model for Event Log Management M2131 | Analytics rules, hunting queries, playbooks, workbook | Compliance | Microsoft |
| Microsoft 365 Insider Risk Management (IRM) | Data connector, workbook, analytics rules, hunting queries, playbook | Security - Insider threat | Microsoft |
| Network Session Essentials | Analytics rules, hunting queries, playbooks, workbook | Security - Network | Microsoft |
| Network Threat Protection Essentials | Analytic rules, hunting queries | Security - Network, Security - Threat Protection | Microsoft |
| NIST SP 800-53 | Workbooks, analytic rules, playbooks | Security - Threat Protection | Microsoft |
| PCI DSS Compliance | Workbook | Compliance | Microsoft |
| Security Threat Essentials | Analytic rules, Hunting queries | Security - Others | Microsoft |
| SOAR Essentials | Playbooks | Security - Automation (SOAR) | Microsoft |
| SOC Handbook | Workbooks | Security - Others | Microsoft Sentinel community |
| SOC Process Framework | Workbooks, watchlists, playbooks | Security - Cloud Security | Microsoft |
| Threat Analysis Response | Workbooks | Compliance, Security - Others, Security - Threat Protection | Microsoft |
| UEBA Essentials | Hunting queries | Security - Insider Threat, User Behavior (UEBA) | Microsoft |
| Zero Trust (TIC 3.0) | Analytics rules, playbook, workbooks | Compliance, Identity, Security - Others | Microsoft |
| ZINC Open Source Threat Protection | Analytic rules | Security - Threat Intelligence | Microsoft |
All Microsoft Sentinel solutions
For the full list of solutions in Microsoft Sentinel, see Azure Marketplace.
Next steps
- Learn more about Microsoft Sentinel Solutions.
- Find and deploy Microsoft Sentinel Solutions.
Feedback
Submit and view feedback for