Microsoft Sentinel content hub catalog
Solutions in Microsoft Sentinel provide a consolidated way to acquire Microsoft Sentinel content, like data connectors, workbooks, analytics, and automation, in your workspace with a single deployment step.
This article helps you find the full list of the solutions available in Microsoft Sentinel. This article also lists the domain-specific out-of-the-box (built-in) and on-demand solutions available for you to deploy in your workspace.
When you deploy a solution, the security content included with the solution, such as data connectors, playbooks, or workbooks, is available in the relevant views for the content. For more information, see Centrally discover and deploy Microsoft Sentinel out-of-the-box content and solutions.
Domain solutions
The following table lists the domain-specific out-of-the-box (built-in) and on-demand solutions available for you to deploy in your workspace.
Name | Includes | Categories | Supported by |
---|---|---|---|
Attacker Tools Threat Protection Essentials | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
Azure Security Benchmark | Workbooks, analytic rules, playbooks | Compliance, Security - Automation (SOAR), Security - Cloud Security | Microsoft |
Cloud Identity Threat Protection Essentials | Analytic rules, hunting queries | Security - Cloud Security, Security - Threat Protection | Microsoft |
Cloud Service Threat Protection Essentials | Hunting queries | Security - Cloud Security, Security - Threat Protection | Microsoft |
Dev 0270 Detection and Hunting | Analytic rules | Security - Threat Protection | Microsoft |
Dev-0537 Detection and Hunting | | Security - Threat Protection | Microsoft |
Endpoint Threat Protection Essentials | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
Legacy IOC based Threat Protection | Analytic rules, hunting queries | Security - Threat Protection | Microsoft |
Log4j Vulnerability Detection | Workbooks, analytic rules, hunting queries, watchlists, playbooks | Application, Security - Automation (SOAR), Security - Threat Protection, Security - Vulnerability Management | Microsoft |
Microsoft Defender for IoT | Analytics rules, playbooks, workbook | Internet of Things (IoT), Security - Threat Protection | Microsoft |
Maturity Model for Event Log Management M2131 | Analytics rules, hunting queries, playbooks, workbook | Compliance | Microsoft |
Network Session Essentials | Analytics rules, hunting queries, playbooks, workbook | Security - Network | Microsoft |
Network Threat Protection Essentials | Analytic rules, hunting queries | Security - Network, Security - Threat Protection | Microsoft |
NIST SP 800-53 | Workbooks, analytic rules, playbooks | Security - Threat Protection | Microsoft |
PCI DSS Compliance | Workbook | Compliance | Microsoft |
Security Threat Essentials | Analytic rules, Hunting queries | Security - Others | Microsoft |
SOAR Essentials | Playbooks | Security - Automation (SOAR) | Microsoft |
SOC Handbook | Workbooks | Security - Others | Microsoft Sentinel community |
SOC Process Framework | Workbooks, watchlists, playbooks | Security - Cloud Security | Microsoft |
UEBA Essentials | Hunting queries | Security - Insider Threat, User Behavior (UEBA) | Microsoft |
Zero Trust (TIC 3.0) | Analytics rules, playbook, workbooks | Compliance, Identity, Security - Others | Microsoft |
ZINC Open Source Threat Protection | Analytic rules | Security - Threat Intelligence | Microsoft |
Next steps
- Learn more about Microsoft Sentinel Solutions.
- Find and deploy Microsoft Sentinel Solutions.