What Changed
New SOX IT Compliance solution added to Microsoft Sentinel Content Hub, providing regulatory compliance monitoring for IT systems supporting financial reporting under the Sarbanes-Oxley Act. The solution includes compliance workbooks for tracking IT system changes, access controls, and segregation of duties required for SOX 302/404 controls.
Compliance Coverage
The SOX IT Compliance solution provides monitoring capabilities for:
- IT change management controls and approval workflows
- Segregation of duties in financial systems access
- Privileged access monitoring for systems touching financial data
- Configuration change tracking for SOX-relevant infrastructure
- Audit trail generation for compliance reporting
Additional Updates
Multiple solutions received maintenance updates:
- Lookout: Major version 3.0.1 with enhanced mobile threat detection capabilities, new Analytic Rules for audit events and device compliance, updated DCR configuration for streaming connector
- Oracle Cloud Infrastructure: Enhanced CCF connector configuration with expanded data collection rules and improved field mappings
- Varonis SaaS: Function App connector improvements for data loss prevention monitoring
- Microsoft Entra ID: Updated Playbooks for session revocation capabilities
Affected Files
Solutions/SOX IT Compliance/Workbooks/SOXITCompliance.json
Solutions/SOX IT Compliance/Data/Solution_SOX IT Compliance.json
Solutions/Lookout/Analytic Rules/LookoutThreatEventV2.yaml
Solutions/Oracle Cloud Infrastructure/Data Connectors/Oracle_Cloud_Infrastructure_CCP/
(packaging artefacts: mainTemplate.json, createUiDefinition.json, etc.)