Malware Analysis

May 27, 2026

Hunting Query: Ephemeral Code Signing Certificates for Malware-Signing-as-a-Service Detection

New hunting query identifies short-lived code signing certificates (≤14 days) on non-developer endpoints to detect Fox Tempest MSaaS operations. Read More →

May 4, 2026

Joe Sandbox Solution: ARM Template Fixes and IOC Handling Improvements

Joe Sandbox solution updated to v3.0.1 with Azure template fixes, updated storage API versions, and improved IOC processing in playbooks. Read More →

April 20, 2026

Recorded Future Sandbox: Enhanced Region Support and Improved Threat Intelligence Structure

Recorded Future adds sandbox region configuration parameter and moves threat intelligence evidence details to comply with STIX standard structure. Read More →

February 13, 2026

JoeSandbox Solution: Updated Deployment Links and Removed Manual Installation Steps

JoeSandbox solution deployment documentation updated with corrected Azure links and streamlined automated deployment options. Read More →

January 22, 2026

New Solution: JoeSandbox Threat Intelligence and Malware Analysis Platform Integration

Complete JoeSandbox solution deployment enabling automated malware analysis, threat intelligence feed ingestion, and incident enrichment playbooks for Microsoft Sentinel. Read More →

November 10, 2025

VMRay Connector: Fixed Premium ARM Template Security Configuration

ARM template deployment fix adds mandatory TLS 1.2 enforcement and corrects resource configuration for VMRay Function App connector. Read More →

Auto-generated content based on the Azure-Sentinel GitHub repo.

Microsoft Sentinel is a trademark of Microsoft Corporation.