What Changed
Updated Samsung Knox Asset Intelligence DCR to remove 13 event types from the data schema and deleted the SamsungKnoxKeyguardDisabledFeatureSet.yaml analytic rule.
Data Fidelity Impact
Organizations using Samsung Knox Asset Intelligence will lose visibility into 13 specific event categories that were previously collected. The deleted analytic rule (Keyguard Disabled Feature Set detection) will no longer function as its underlying data source has been removed from the DCR schema.
Removed Detection
The SamsungKnoxKeyguardDisabledFeatureSet.yaml rule provided detection capability for Android device security bypass attempts through keyguard feature manipulation. This detection gap affects mobile device security monitoring.
Affected Files
Solutions/Samsung Knox Asset Intelligence/Data Connectors/azuredeploy_SamsungDataConnectorDefinition.json Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxKeyguardDisabledFeatureSet.yaml (packaging artefacts: mainTemplate.json, createUiDefinition.json, Solution metadata) (Note: Many additional files changed due to bulk maintenance updates across solutions)