@msticpy profile picture
msticpy @msticpy

#msticpy is an open source library for InfoSec investigation and hunting in #Jupyter Notebooks and #Python.

Joined January 2022
  • Tweets 200
  • Following 20
  • Followers 835
24 Photos and videos
msticpy retweeted
Ian Hellen@ianhellen
25 Sep 2025
MSTICPy v2.17.0 released - new RRCF outlier detection - AWS extension for Prisma Cloud AWS - Update Defender Auth to OAuth v2 and fix bugs - Python 3.12 support More details here github.com/microsoft/msticpy… @msticpy
PyPI Release page for mystic Pie

ALT PyPI Release page for mystic Pie

1
4
3
294
msticpy@msticpy
26 Mar 2024
MSTICPy 2.11.0 released This minor release includes: - Better handling of large/split queries for MS Sentinel - Updated support for installing MSTICPy in a Conda environment - Updates for future pandas support github.com/microsoft/msticpy…
6
10
1,145
msticpy@msticpy
12 Feb 2024
New versions of MSTICPy and MSTIC Notebooklets released: github.com/microsoft/msticpy… github.com/microsoft/msticnb…

Release v2.10.0 · microsoft/msticpy

What's Changed Add nest_asyncio to run threaded queries by @FlorianBracq in #737 Bump sphinx-rtd-theme from 1.3.0 to 2.0.0 by @dependabot in #738 Bump httpx from 0.25.0 to 0.25.2 by @dependabo...

github.com
1
3
12
936
msticpy@msticpy
16 Nov 2023
MSTICPY 2.9.0 released Includes new Threat Intel provider IPQualityScore and updated M365D to use MS Graph API for hunting queries. Fixes to startup, Synapse compat issues, Entities and more. See the release notes for a full rundown github.com/microsoft/msticpy…
2
9
21
2,217
msticpy@msticpy
16 Nov 2023
thx to contributors @PeteABryan Joey Dreyer, Chis Cianelli, Florian Bracq and 2xyo
1
1
137
msticpy@msticpy
4 Oct 2023
MSTICPy v2.8.0 released. Stability release - with several important fixes: - MS Sentinel failure when connecting using a connection string - Using supported method for multi-cloud Azure endpoints - Using msticpy in isolated environments.
1
7
1,254
msticpy@msticpy
15 Aug 2023
MSTICPy 2.7.0 release - 2 new threat intel providers for CrowdSec and AbuseIPDB - New MS Sentinel and Kusto drivers now the defaults - Query file editor for MSTICPy template queries - Azure auth fixes for MicrosoftSentinel More details github.com/microsoft/msticpy…
8
21
3,065
msticpy retweeted
Thomas Roccia 🤘
@fr0gger_
3 Aug 2023
Replying to @T_8ase
@T_8ase is going to present about @msticpy at the SANS DFIR Japan, check this out if you are around 🤩 Cc: @ianhellen
SANS Japan
@SANS_JAPAN
31 Jul 2023
9月7日と8日開催のSANS APAC DFIR Summitのアジェンダが公開されました!長谷川達也さんは「msticpyの実践活用: 高度な脅威ハンティングを実現すべくSIEMとの虹の懸け橋となる」と題して講演します! msticpyの機能紹介を説明し、msticpyとSIEMの活用について紹介します。 sans.org/cyber-security-trai…
1
2
3
395
msticpy@msticpy
25 Jul 2023
MSTICPy 2.6.0 released - Parallel queries for multiple instances of MS Sentinel workspaces and Kusto clusters - Parallel split queries (large time-range queries divided by smaller time periods) - Velociraptor data provider for querying exported data sets github.com/microsoft/msticpy…
11
22
6,292
msticpy@msticpy
30 May 2023
MSTICPy 2.5.0 released * New Sentinel and Kusto drivers with parallel queries, proxy and user-defined timeouts. * Plugin framework for MSTICPy data/TI/context providers * Import Sentinel hunting and detection queries * OSQuery data provider ... github.com/microsoft/msticpy…

Release v2.5.0 · microsoft/msticpy

Summary of main changes New MS Sentinel and Azure Kusto drivers/data providers - these include support for multi-threaded parallel queries, proxies and user-defined query timeouts. Extensibility m...

github.com
1
1
5
2,553
msticpy@msticpy
30 May 2023
... continued * Panel tabulator now supported as default data viewer (see panel.holoviz.org/reference/…) These are described more fully in the release notes and (mostly) in the updated docs msticpy.readthedocs.io/en/la…
1
174
msticpy retweeted
Ian Hellen@ianhellen
18 May 2023
Had a report that the search in MSTICPy ReadtheDocs was broken (apparently broken for a while due to a bug in the ReadTheDocs template. Happy to report that this is now fixed. msticpy.readthedocs.io/
1
5
1,053
msticpy@msticpy
11 Apr 2023
🚨 #MSTICPy has just merged a new PR to main! ashwin-patil added the PR - Read the docs update for Managed spark installation github.com/microsoft/msticpy… #python #MSTIC #infosec

Read the docs update for Managed spark installation by ashwin-patil · Pull Request #647 · microso...

added section under Installing for how to install in managed spark compute in AML

github.com
2
800
msticpy@msticpy
10 Apr 2023
🚨 #MSTICPy has just merged a new PR to main! petebryan added the PR - Updated Sentinel incident docs to reflect filtering options github.com/microsoft/msticpy… #python #MSTIC #infosec

Updated Sentinel incident docs to reflect filtering options by petebryan · Pull Request #648 ·...

Updated the Sentinel documenation to reflect the fact that you can now pass parameters to list_incidents to affect the returned results. The documents provide simple examples of adjusting the numbe...

github.com
1
179
msticpy@msticpy
7 Apr 2023
MSTICPy v2.4.0 released - New Pulsedrive TI module - Process tree updates (inc FireEye HX compat) - Bokeh 3.0 support - Improved diagnostics/logging - Fixes to Azure auth, Sentinel APIs and more. github.com/microsoft/msticpy…

Release v2.4.0 · microsoft/msticpy

Main changes for this release There are no huge changes in this release but a good variety of important updates and fixes. We're also delighted to welcome 3 new contributors to the MSTICPy fami...

github.com
4
13
3,012
msticpy@msticpy
5 Apr 2023
🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - Reverting to bokeh version 2.4.3 for default install github.com/microsoft/msticpy… #python #MSTIC #infosec

Reverting to bokeh version 2.4.3 for default install by ianhelle · Pull Request #650 · microsoft/...

Replacing NAs in process_tree DF - causes Bokeh 3.0 to fail

github.com
1
1
165
msticpy@msticpy
22 Mar 2023
🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - Misc updates for 2.3.2 release: github.com/microsoft/msticpy… #python #MSTIC #infosec

Misc updates for 2.3.2 release: by ianhelle · Pull Request #644 · microsoft/msticpy

adding bs4 to mocks for sphinx in conf.py updating min scikit-learn version to avoid numpy aliased types removal fix to azure_auth_core.py - if clientsecret type is specified it will only get added...

github.com
2
184
msticpy@msticpy
16 Mar 2023
🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - Adding data query paths test for DEX support github.com/microsoft/msticpy… #python #MSTIC #infosec

Adding data query paths test for DEX support by ianhelle · Pull Request #638 · microsoft/msticpy

MyPy suppressions for some uses of ProviderSettings and PivotRegistration classes.

github.com
132
msticpy@msticpy
16 Mar 2023
🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - ProcTree and init_notebook fixes github.com/microsoft/msticpy… #python #MSTIC #infosec

ProcTree and init_notebook fixes by ianhelle · Pull Request #637 · microsoft/msticpy

Added process tree text renderer to process_tree_utils.py Found bug in process ordering due to sorting of short string numerics - fixed in proc_tree_builder.py related item in vtfile_behavior.py F...

github.com
1
157
msticpy@msticpy
16 Mar 2023
🚨 #MSTICPy has just merged a new PR to main! ianhelle added the PR - Adding logging and updating settings access github.com/microsoft/msticpy… #python #MSTIC #infosec

Adding logging and updating settings access by ianhelle · Pull Request #640 · microsoft/msticpy

Added Python logging to MSTICPy - currently only a few modules have this implemented but it's now there for use. We should instrument places like the authentication modules. I've al...

github.com
2
127
Load more