This release includes 3 new notebooklets: AccountSummary, IPAddressSummary and LogonSessionRarity.

It’s been a while since we updated any notebooklets but then three come along at once! For some background read the original announcement of notebooklets.

This release also integrates the notebooklets with MSTICPy’s pivot functions, so that you can call…

(We skipped a 1.2.0 with a few last-minute fixes)

This release contains some interesting new features, two of which were contributed by community members Ryan Cobb and Julien Touche. These features are: two new data providers for Azure Resource Graph and Sumologic, and a DataViewer control for pandas dataframes.

Azure Resource Graph provider


We recently released an update to MSTICPy that adds some cool new features as well as some minor fixes.

Warning — this release includes some potentially breaking changes since we have renamed several pivot functions to have shorter, friendlier names. Several Azure Sentinel query functions have shortened names.

Pivot improvements

We’ve decided that it’s time to bring MSTICPy out of beta and let it fend for itself in the big wide world.

The 1.0 release has some significant features that we’ll be testing and would like you to try out:

  1. Implementing pip “extras” to split dependencies into optional chunks
  2. Settings…

We recently just released a new version of MSTICPy with a feature called Pivot functions.

Pivot functions have three main goals:

  • Making it easy to discover and invoke MSTICPy functionality.
  • Creating a standardized way to call pivotable functions.
  • Letting you assemble multiple functions into re-usable pipelines.

The pivot functionality exposes…

We’re pleased to announce the release of MSTICPy 0.8.8 (which should have been 0.8.5 but a few hiccups caused us to do some hotfixes before announcing)

This release has a few new cool features (plus the usual share of fixes):

  • VirusTotal API V3 support — with notebook support for viewing…

We recently released 0.8.0 of MSTICPy. The significant features in the release are:

  • New widgets, a mechanism for selected widgets to persist and recall their state, and the ability to drive widget values from notebook parameters.
  • Data obfuscation functions — not something you’ll likely need during the average investigation but…


This is the account of the Microsoft Threat Intelligence Center (MSTIC).

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store