Google Threat Intelligence ASIM AlertEvent Parser: Relevance System Alerts Now Normalised

New ASIM AlertEvent parsers add native normalisation for Google Threat Intelligence Relevance System Alerts, making GTI alert data available to all source-agnostic detections using the imAlertEvent and ASimAlertEvent schemas. Read More →

Google SecOps Solution: Publisher and Offer Identity Update

The Google SecOps Solution package has been re-registered under new marketplace publisher and offer identifiers — no detection logic or connector configuration was changed. Read More →

Google Workspace Reports: Google Meet Activity Logs Restored After Polling Window Gap

A missing queryWindowDelayInMin setting caused Google Meet audit events to be silently dropped by the CCF connector - adding a 30-minute delay restores ingestion of events that arrive late from Google API. Read More →

New ASIM AlertEvent Parser for Google SecOps Extends Normalised Detection Coverage

A new ASIM AlertEvent parser pair normalises Google SecOps Detection Alerts from the DetectionAlerts_CL custom table into the ASIM AlertEvent schema, enabling source-agnostic alert hunting and cross-platform detection rules against Google SecOps data. Read More →

Google SecOps Integration: New Detection Pipeline Connects Chronicle to Sentinel

Microsoft Sentinel gains visibility into Google Chronicle security detections through new connector and parsers. Read More →

Google Threat Intelligence Solution: Custom Connector Deployment Prerequisites Clarified

Solution metadata updated to warn customers that Playbooks require manual deployment of the GTI custom Logic Apps connector before use. Read More →

Google Directory Solution: New Playbook Integration with Extended Security Scope

Initial release of GoogleDirectory solution adds Google Workspace user security management capabilities to Microsoft Sentinel playbook automation. Read More →

Microsoft Sentinel Training Lab: Comprehensive Hands-On Security Operations Environment Now Available

New deployment-ready training lab delivers 14 guided exercises with pre-recorded telemetry, detection rules, and automation workflows for practical Microsoft Sentinel skill development. Read More →

ASIM AssetEntity Schema: EntitySource Enumeration and EntityOriginalSource Added

ASIM AssetEntity schema now enforces cloud platform enumeration and adds source traceability field. Read More →

Google Workspace Reports Connector Promoted to General Availability

Google Workspace Reports CCF connector exits preview status with updated OAuth configuration guidance. Read More →

Upwind Cloud Security: New Data Connector Unlocks Cloud Asset Visibility

New Upwind solution enables ingestion of compute platform assets with risk assessments, vulnerability data, and network exposure metrics. Read More →

Google Kubernetes Engine Connector: Documentation Update Links to Official Microsoft Learn

Google Kubernetes Engine connector documentation updated to reference official Microsoft Learn guides instead of personal repositories. Read More →

OAuth Data Connectors: Dynamic Redirect URI Support Simplifies Authentication Setup

Four OAuth-based data connectors now support dynamic redirect URIs, eliminating manual Azure portal configuration requirements. Read More →

Armis IoT Security Solution: Enhanced Log Ingestion and Data Collection Rule Integration

Major enhancement to Armis data connectors implementing Azure Monitor Logs Ingestion API with DCR support for improved data fidelity and performance. Read More →

GCP IAM Detection Logic Fixed — Correcting Service Account Key Detection Gaps

Two GCP IAM analytic rules had syntax errors preventing proper detection of token generation and key enumeration attacks. Read More →

GDPR Workbook: Expanded Asset Coverage Beyond On-Prem Hosts

GDPR compliance workbook now monitors security alerts across Azure, AWS, GCP, and blob storage assets, not just traditional servers. Read More →

Google Threat Intelligence: Enhanced Threat Hunting with MITRE ATT&CK Integration

Updated threat hunting rules add MITRE ATT&CK mappings and fix parser function calls for improved threat detection coverage. Read More →

GCP Security Command Center: New Detection Suite for Cloud Misconfigurations

New Solution delivers 5 Analytic Rules and 5 Hunting Queries to detect GCP security misconfigurations including unrestricted API keys, disabled security features, and risky IAM configurations. Read More →

UEBA Essentials: Enhanced Multi-Cloud Detection with 6 New AWS, GCP & Okta Hunting Queries

Major update adds comprehensive multi-cloud anomaly detection capabilities across AWS, GCP, and Okta platforms with 6 new hunting queries. Read More →

OneTrust Data Security Platform Connector: New Privacy and Risk Management Visibility

New CCF-based connector for OneTrust enables monitoring of privacy compliance, data governance, and risk management activities in Sentinel workspaces. Read More →