Vectra XDR Connector: Python Runtime Upgrade and Authentication Security Fix

What Changed

The Vectra XDR data connector received critical updates:

Python runtime upgraded from 3.9 to 3.12 (addressing deprecation timeline)
Authentication switched from DefaultAzureCredential to ManagedIdentityCredential for Key Vault access
Updated function app package (VectraXDR321.zip)

Security Impact (Visibility & Fidelity)

This addresses a significant security concern identified in PR discussion. DefaultAzureCredential was deemed inappropriate for production environments due to potential security risks with user data. The switch to ManagedIdentityCredential provides:

Deterministic credential behavior in production
Enhanced security for Key Vault secret access
Reduced credential management overhead

Per PR discussion: authentication changes were customer-requested for production deployment security.

Affected Files

Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode/keyvault_secrets_management.py (credential type updated)
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/VectraXDR321.zip (Python 3.12 runtime package)

What Changed#

Security Impact (Visibility & Fidelity)#

Affected Files#

What Changed

Security Impact (Visibility & Fidelity)

Affected Files