TL;DR — I’ve created a Microsoft Threat Protection advanced hunting Jupyter notebook and shared it on my GitHub repository:

Microsoft Threat Protection

Microsoft Threat Protection unifies pre- and post-breach enterprise defenses and natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.

Image for post
Image for post

It combines the power of Microsoft Defender ATP, Azure AD Identity Protection, Microsoft Cloud App Security and Office 365 ATP. Do you have 2 or more of these products in your environment, then try out MTP by going to

Advanced Hunting

Microsoft Threat Protection features a built-in Advanced Hunting capability, much like the one in Microsoft Defender ATP. …


Maarten Goet

Microsoft MVP and Microsoft Regional Director.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store