From c767f4aeb7d5d7e83db16b0b138c16bc9788c792 Mon Sep 17 00:00:00 2001 From: tas_kmanager <35577498+tas-kmanager@users.noreply.github.com> Date: Tue, 4 Jun 2024 10:04:15 -0400 Subject: [PATCH] Update README.md Added Microsoft XDR AH Schema --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 3d3f508..1b9cf11 100644 --- a/README.md +++ b/README.md @@ -59,6 +59,7 @@ All contributions are welcome, please carefully review the [contributing guideli - [Loghub](https://github.com/logpai/loghub) - Opensource and freely available security data sources for research and testing. - [Elastalert | Yelp](https://github.com/Yelp/elastalert) - ElastAlert is a simple framework for alerting on anomalies, spikes, or other patterns of interest from data in Elasticsearch. - [Matano](https://github.com/matanolabs/matano) - Open source cloud-native security lake platform (SIEM alternative) for threat hunting, Python detections-as-code, and incident response on AWS 🦀. +- [Microsoft XDR Advanced Hunting Schema](https://learn.microsoft.com/en-us/defender-xdr/advanced-hunting-schema-tables) To help with multi-table queries, you can use the advanced hunting schema, which includes tables and columns with event information and details about devices, alerts, identities, and other entity types. ## General Resources
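Review bot: the added bullet in the `@@ -59,6 +59,7 @@` hunk drops the ` - ` separator that every neighbouring entry uses between the link and its description (`[Matano](...) - Open source cloud-native ...`), so it renders as the link text running straight into "To help with multi-table queries ..."; suggest `- [Microsoft XDR Advanced Hunting Schema](https://learn.microsoft.com/en-us/defender-xdr/advanced-hunting-schema-tables) - Reference for the Defender XDR advanced hunting schema tables and columns ...`. The description is also written in the second person ("you can use the advanced hunting schema"), which is lifted from the Microsoft page rather than matching the third-person one-liners around it; a short descriptive sentence in the list's own style would fit better. Finally, the subject line "Update README.md" says nothing about the change; the body's "Added Microsoft XDR AH Schema" would make a better subject.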