Azure Firewall Detection Quality Overhaul: Enhanced Alert Context and Reduced Query Costs

Comprehensive quality improvements to 11 Azure Firewall detections and 5 hunting queries add entity mappings, custom details, and query optimizations to reduce false positives and improve incident context.

Azure Firewall: Five New IDPS Analytic Rules for Advanced Threat Detection

Azure Firewall solution expanded with 5 new analytic rules targeting high/medium severity threats, DDoS attacks, web application attacks, and privilege escalation attempts.

ASIM WebSession Parser: Fixed Broken Azure Firewall Template Reference

Corrected case-sensitive path reference that was preventing Azure Firewall WebSession parser deployment.

Azure Firewall ASIM Parsers: Enhanced Detection Coverage for Six New Log Types

New ASIM normalisation parsers added for six Azure Firewall log tables, expanding detection coverage for network sessions, DNS queries, and web traffic analysis.

VMware ESXi SSH Brute Force Detection Plus Multi-Solution Updates

New VMware ESXi detection for multiple failed SSH login attempts, plus comprehensive solution updates across 15+ vendor solutions.

Azure Firewall Detection: Critical Time Range Fix Prevents Overlapping Alerts and Query Failures

Azure Firewall Abnormal Port to Protocol rule updated to fix brittle time range handling that caused duplicate alerts and failed detection when runtime was modified.