Fortinet FortiGate Playbook: Function App Authentication Security Hardening
Playbook Function App authentication level upgraded from anonymous to function-level to close security exposure.
XBOW connector upgrades to latest API version, adding attack credits tracking and recent event details to assessment ingestion for improved offensive security visibility.
ESET connector switches from unreliable timestamp filtering to delta tokens, closing potential data loss gaps during high-volume ingestion periods.
Function keys now required for HTTP-triggered functions in Zoom, Zscaler, FortiGate, Cofense, Illumio, and Infoblox connectors—removing anonymous access vulnerability.
Addressed lint issues, package vulnerabilities, and code vulnerabilities in Cyjax threat intelligence connector.
Doubled retry delay to 120 seconds to address Duo API throttling requirements preventing log collection.
Critical fix migrates GitHub parsers and workbooks to support CLv2 ingestion table and updated GitHub alert event schemas, ensuring compatibility across V1 and V2 deployments.
Deployment source moved to stable Microsoft repo, custom table schemas fixed, and Function App ingestion enhanced for reliable attack path visibility.
Joe Sandbox solution updated to v3.0.1 with Azure template fixes, updated storage API versions, and improved IOC processing in playbooks.
CrowdStrike’s Function App-based data replicator was incorrectly deprecated and has been restored to active status to maintain government deployment support.
Upwind connector Function App deployment was failing due to incorrect zip structure and ARM template configuration; fixed with flat zip layout and implicit hosting plan.
Fixed Function App deployment packaging errors and improved security by converting ARM template secrets to secure strings.
New CLv2-based GitHub Webhook connector replaces deprecated CLv1 API to maintain ingestion of code scanning, Dependabot, and secret scanning alerts.
New comprehensive Microsoft Sentinel integration adds automated IOC collection, incident enrichment, and interactive threat intelligence dashboards for the Cyjax platform.
ExtraHop connector reverted to previous function app package to resolve customer-facing deployment issues affecting data ingestion.
Fixes potential Python exception in CloudTrail ingestion function when encountering unsupported file formats, preventing data ingestion failure.
Python connector security vulnerabilities patched with improved error handling and null check additions.
Microsoft has deprecated Azure Function-based connectors for Okta SSO, SentinelOne, Sophos Endpoint Protection, and VMware Carbon Black Cloud in favor of CCF alternatives.
Legacy Azure Function connectors for Atlassian Jira, Auth0, Box, and CrowdStrike are now deprecated as solutions transition to the modern CCF architecture.
A batching bug in the BeyondTrust PM Cloud connector was causing 413 errors and incomplete endpoint security event ingestion when payload sizes exceeded Log Analytics limits.