Data Source

Morphisec provides Moving Target Defense technology for advanced threat prevention, delivering endpoint protection against zero-day attacks, advanced persistent threats, and in-memory exploits. The solution ingests security alerts, threat detections, and endpoint protection events.

Ingestion Mechanism

Codeless Connector Framework (CCF) connector that polls Morphisec API endpoints for security alerts and threat detection events. The connector transforms Morphisec security data into structured logs for analysis and correlation within Microsoft Sentinel.

Detection Surface Unlocked

Enables detection of advanced threats including zero-day exploits, process-level anomalies, and in-memory attacks that traditional signature-based solutions miss. Includes analytic rules for critical severity detections, device alert surges, and process-level anomalies to identify sophisticated attack campaigns.

Affected Files

Solutions/Morphisec/Data Connectors/Morphisec_CCF/Morphisec_ConnectorDefinition.json
Solutions/Morphisec/Data Connectors/Morphisec_CCF/Morphisec_DCR.json
Solutions/Morphisec/Analytic Rules/MorphisecCriticalSeverityDetection.yaml
Solutions/Morphisec/Analytic Rules/MorphisecDeviceAlertSurge.yaml
Solutions/Morphisec/Workbooks/MorphisecOverview.json
(packaging artefacts: mainTemplate.json, Solution_Morphisec.json, plus 200+ mixed repository updates)