Google Threat Intelligence Solution: Custom Connector Deployment Prerequisites Clarified

Solution metadata updated to warn customers that Playbooks require manual deployment of the GTI custom Logic Apps connector before use.

Google Directory Solution: New Playbook Integration with Extended Security Scope

Initial release of GoogleDirectory solution adds Google Workspace user security management capabilities to Microsoft Sentinel playbook automation.

Microsoft Sentinel Training Lab: Comprehensive Hands-On Security Operations Environment Now Available

New deployment-ready training lab delivers 14 guided exercises with pre-recorded telemetry, detection rules, and automation workflows for practical Microsoft Sentinel skill development.

ASIM AssetEntity Schema: EntitySource Enumeration and EntityOriginalSource Added

ASIM AssetEntity schema now enforces cloud platform enumeration and adds source traceability field.

Google Workspace Reports Connector Promoted to General Availability

Google Workspace Reports CCF connector exits preview status with updated OAuth configuration guidance.

Upwind Cloud Security: New Data Connector Unlocks Cloud Asset Visibility

New Upwind solution enables ingestion of compute platform assets with risk assessments, vulnerability data, and network exposure metrics.

Google Kubernetes Engine Connector: Documentation Update Links to Official Microsoft Learn

Google Kubernetes Engine connector documentation updated to reference official Microsoft Learn guides instead of personal repositories.

OAuth Data Connectors: Dynamic Redirect URI Support Simplifies Authentication Setup

Four OAuth-based data connectors now support dynamic redirect URIs, eliminating manual Azure portal configuration requirements.

Armis IoT Security Solution: Enhanced Log Ingestion and Data Collection Rule Integration

Major enhancement to Armis data connectors implementing Azure Monitor Logs Ingestion API with DCR support for improved data fidelity and performance.

GCP IAM Detection Logic Fixed — Correcting Service Account Key Detection Gaps

Two GCP IAM analytic rules had syntax errors preventing proper detection of token generation and key enumeration attacks.

GDPR Workbook: Expanded Asset Coverage Beyond On-Prem Hosts

GDPR compliance workbook now monitors security alerts across Azure, AWS, GCP, and blob storage assets, not just traditional servers.

Google Threat Intelligence: Enhanced Threat Hunting with MITRE ATT&CK Integration

Updated threat hunting rules add MITRE ATT&CK mappings and fix parser function calls for improved threat detection coverage.

GCP Security Command Center: New Detection Suite for Cloud Misconfigurations

New Solution delivers 5 Analytic Rules and 5 Hunting Queries to detect GCP security misconfigurations including unrestricted API keys, disabled security features, and risky IAM configurations.

UEBA Essentials: Enhanced Multi-Cloud Detection with 6 New AWS, GCP & Okta Hunting Queries

Major update adds comprehensive multi-cloud anomaly detection capabilities across AWS, GCP, and Okta platforms with 6 new hunting queries.

OneTrust Data Security Platform Connector: New Privacy and Risk Management Visibility

New CCF-based connector for OneTrust enables monitoring of privacy compliance, data governance, and risk management activities in Sentinel workspaces.

Multi-Solution Update: Microsoft 365 Filters, GDPR Workbook Enhancements, and New BigID Solution

Major update spanning 15+ solutions adds Microsoft 365 filters, GDPR workbook improvements, new BigID DSPM solution, and Netskope v2 with comprehensive parsers.

Sentinel CCF Packaging Tool: Adding JWT Token Authentication Support

CCF packaging tooling now supports JWT token authentication alongside existing methods for connector development.

Multiple Solutions Added: Palo Alto aiohttp Update Plus New Obsidian and SAP S4 Connectors

Palo Alto Prisma Cloud dependency security update alongside new Obsidian Datasharing and SAP S4 Cloud Public Edition connector solutions.

Multiple Solution Updates: GKE GA Promotion and SAP ETD Investigation Capability

Google Kubernetes Engine connector promoted to GA while SAP ETD Cloud gains investigation data ingestion and enhanced detection coverage.

Cloudflare Connector: Security Dependency Update for aiohttp Library

aiohttp library updated from 3.10.11 to 3.12.14 in Cloudflare connector addressing potential security vulnerabilities.