-
Notifications
You must be signed in to change notification settings - Fork 193
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
41 additions
and
0 deletions.
There are no files selected for viewing
41 changes: 41 additions & 0 deletions
41
...dule 2- Prompting an uploaded file content Using Copilot For Security/readme.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| # Welcome to Microsoft Copilot for Security Labs! | ||
| # Introduction | ||
|  | ||
| ## Prompting for an uploaded file in Copilot for Security | ||
| #### ⌛ Estimated time to complete this lab: 20 minutes | ||
| #### 🎓 Level: 200 (Proficient) | ||
|
|
||
| #### Objectives | ||
|
|
||
| Upon completing this technical guide, you will gain the following abilities:<br> | ||
|
|
||
| * Leverage the File upload capability plugin with prompts direclty from Copilot For Security.<br> | ||
|
|
||
|
|
||
| #### Scenario | ||
| "In this technical workshop, participants will learn how to search for documents and leverage the infromation in practical Scurity Operation scenarios .To successfully complete this task, you must meet the following prerequisites:<br> | ||
|
|
||
| * You need your own tenant and Microsoft Copilot for Security instance.<br> | ||
| * uplaoded files from the Previous Module .<br> | ||
|
|
||
|
|
||
| # Workshop Agenda: Prompting for an uploaded file in Copilot for Security | ||
|
|
||
| ## 1. Access the SANS (" Hunt Evil Poster Document") | ||
| - Access the Document from the samples folder in the GitHub Here [Hunt Evil Poster PDF](https://github.com/Azure/Copilot-For-Security/blob/main/Technical%20Workshops/Knowledge%20base%20Workshop/Sample%20Files/Hunt%20Evil%20Poster.pdf) or access it from the Link here : https://www.sans.org/posters/hunt-evil/ | ||
|
|
||
|  | ||
|
|
||
| - Ensure the document is added on your file upload capability in Copilot For Security | ||
|
|
||
| ## 2. Prompting Uploade files using Copilot for Security | ||
|
|
||
| - send out the first Prompt Querying the data in the document , we will focus on a couple of senarios , in the hunt evil document we will focus on pulling infromation associated with Lateral Movement ( key focus on how its achieed with Remote Access or Remote Execution) | ||
|
|
||
| **Prompt 1: Could you show me the event IDs associated with Remote execution from the SANS_DFPS_FOR508_v4.10_02-23 (1).pdf document from the uploaded files in a table format** | ||
|
|
||
|  | ||
|
|
||
| **Prompt 2: Leveraging the above Event IDs , hunt my defender environment for any events associated with them.** | ||
|  | ||
|
|