# SentinelOne-ATTACK-Queries
MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity

This project aims to document (mostly Windows) SentinelOne queries for detecting TTPs generated by Red Canary Co's Atomic Red Team framework.

[Privilege Escalation](https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries/blob/master/PrivilegeEscalation.md)

[Defense Evasion](https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries/blob/master/DefenseEvasion.md)

[Persistence]()

[Impact]()

[Discovery]()

[Command and Control]()

[Collection]()

[Execution]()

[Exfiltration]()

[Credential Access]()

[Lateral Movement]()

[Initial Access]()