eDCRule Solution: Partner Center Metadata and Logo Corrected for Content Hub Publishing

Fixes publisherId alignment and swaps the logo reference from the Microsoft Sentinel default to the eDC company logo to pass Partner Center validation – no detection content was changed. Read More →

Holm Security VMP: New CCF Connector Ingests Network and Web Asset Inventory into Sentinel

A new CCF-based Data Connector for the Holm Security Vulnerability Management Platform adds direct ingestion of network and web asset inventory – including IP, hostname, OS, severity, and vulnerability counts – into two custom Log Analytics tables, enabling asset-aware threat hunting and vulnerability correlation in Microsoft Sentinel. Read More →

New BlueVoyant CCF Connector Brings Anthropic Claude Compliance Activity into Microsoft Sentinel

BlueVoyant new Solution adds a CCF-based Data Connector that polls the Anthropic Claude Compliance API every 10 minutes and lands compliance events in the custom table BV_ClaudeCompliance_ComplianceActivities_CL, opening a new AI platform audit surface in Sentinel. Read More →

UniFi Site Manager: New CCF Solution Adds Network Infrastructure Monitoring and Attack Surface Coverage

Community solution deploys 21 detections for UniFi network security posture, ISP performance degradation, and infrastructure defense evasion tactics. Read More →

Utimaco ESKM Integration: Enterprise Key Management Monitoring Arrives in Sentinel

New solution enables Microsoft Sentinel monitoring of Utimaco Enterprise Secure Key Manager KMIP operations and authentication events. Read More →

Akamai Guardicore v3.1.0: Function App Eliminated, CCF Migration Simplifies Microsegmentation Monitoring

Akamai Guardicore connector migrates from Azure Functions to Codeless Connector Framework, removing infrastructure overhead while preserving microsegmentation visibility. Read More →

Google SecOps Integration: New Detection Pipeline Connects Chronicle to Sentinel

Microsoft Sentinel gains visibility into Google Chronicle security detections through new connector and parsers. Read More →

Field Effect MDR Integration: New CCF Connector Delivers Cloud-Based Threat Detection

Field Effect MDR solution adds Microsoft Sentinel ingestion for ARO (Automated Response Operations) alerts via CCF, expanding managed detection coverage. Read More →

Filewall for Microsoft 365: New Solution Adds Data Exfiltration Detection for Exchange and Files

Complete CCF-based solution delivers real-time monitoring of blocked emails and files across Microsoft 365 services with immediate threat alerting. Read More →

NordStellar CCF Push Connector: Real-time Threat Intelligence Integration Now Available

New NordStellar solution delivers real-time threat intelligence and exposure monitoring via CCF Push architecture to unified NordStellar_CL table. Read More →

BloodHound Enterprise: Logo Update Aligns Solution Branding

Updated BloodHound Enterprise solution logo to current SpecterOps branding. Read More →

New Strider Shield Threat Intelligence Connector for Email Security Monitoring

NVISO introduces Strider Shield CCF connector enabling ingestion of email threat intelligence data across five data streams targeting phishing and BEC protection. Read More →

Red Sift Solution: New CCF Data Connector and Email Security Detections

Red Sift adds CCF-based email and authentication monitoring with 5 detection rules for phishing and account compromise scenarios. Read More →

Zimperium MTD: New CCF Push Connector for Mobile Threat Telemetry

Zimperium Mobile Threat Defense migrates to CCF-based push connector, replacing deprecated Azure Function ingestion before June 2026 deadline. Read More →

Vaikora Solution: New AI Agent Governance Connector for Microsoft Sentinel

New CCF connector ingests Vaikora AI agent behavioral signals with 3 detection rules for policy violations, anomalies, and high-risk actions. Read More →

Valimail Enforce Solution: New Email Authentication Monitoring for DMARC/SPF/DKIM Configuration Changes

Complete Valimail Enforce monitoring solution delivers real-time detection of email authentication policy weakening and suspicious admin activity affecting domain security posture. Read More →

SOCRadar XTI Platform: New Extended Threat Intelligence Solution Launches with Bidirectional Sync

SOCRadar XTI Platform solution now available in Content Hub with automated alarm import, incident sync, and comprehensive threat intelligence monitoring capabilities. Read More →

Citrix Analytics: New CCF Push Connector Enables Security Analytics Visibility

New Citrix Analytics CCF solution provides push-based ingestion for SPA and CVAD security events via Azure Monitor Logs Ingestion API. Read More →

New Attack Surface Management Solution: blacklens.io Brings External Threat Visibility to Microsoft Sentinel

blacklens.io Attack Surface Management platform now available in Content Hub with webhook-based alert ingestion and automated incident creation. Read More →

A365 Observability Connector: New AI Agent Telemetry Visibility in Microsoft Sentinel

New data connector for AI agent behavior monitoring brings telemetry from A365, AI Foundry, and Copilot into Microsoft Sentinel for security investigations. Read More →