ASIM Authentication: New Palo Alto Prisma Cloud Compute Parser Brings Login Visibility to Sentinel

Two new ASIM Authentication parsers normalize Palo Alto Prisma Cloud Compute management audit login events into the unified schema, closing a previously uncovered authentication blind spot for Prisma Cloud Compute deployments. Read More →

New ASIM Authentication Parser Adds Google Workspace Login Visibility via GoogleWorkspaceReports Table

A new ASIM Authentication parser for Google Workspace Logins normalises login, logout, and suspicious sign-in events from the GoogleWorkspaceReports table, enabling source-agnostic detections to cover Google Workspace identity activity for the first time. Read More →

Google Threat Intelligence ASIM AlertEvent Parser: Relevance System Alerts Now Normalised

New ASIM AlertEvent parsers add native normalisation for Google Threat Intelligence Relevance System Alerts, making GTI alert data available to all source-agnostic detections using the imAlertEvent and ASimAlertEvent schemas. Read More →

New ASIM WebSession Parser Brings AWS WAF Traffic into Normalized Detection Coverage

AWS WAF web session logs can now be ingested and normalized via the ASIM WebSession schema, enabling source-agnostic detections against WAF allow/block/challenge/captcha decisions from the AWSWAF table. Read More →

CrowdStrike Falcon AlertEvent ASIM Parser: Falcon Detections Now Normalised into Unified Alert Schema

A new ASIM AlertEvent parser for CrowdStrike Falcon ingested via CCF normalises detection data from the CrowdStrikeDetections table into the ASIM AlertEvent schema, enabling source-agnostic detection and hunting queries across EDR alert data. Read More →

Netskope Security Cloud Joins ASIM AlertEvent Schema — Threats Now Normalised from NetskopeAlerts_CL

A new ASIM AlertEvent parser for Netskope Security Cloud normalises DLP, malware, C2, IPS, compromised credential, UBA, and policy alerts from the NetskopeAlerts_CL table into the standard AlertEvent schema, enabling source-agnostic detections and hunting across Netskope data. Read More →

Akamai Guardicore v3.1.0: Function App Eliminated, CCF Migration Simplifies Microsegmentation Monitoring

Akamai Guardicore connector migrates from Azure Functions to Codeless Connector Framework, removing infrastructure overhead while preserving microsegmentation visibility. Read More →

Google SecOps Integration: New Detection Pipeline Connects Chronicle to Sentinel

Microsoft Sentinel gains visibility into Google Chronicle security detections through new connector and parsers. Read More →

ASIM AlertEvent Support Added for Bitdefender GravityZone Security Platform

New parsers enable normalization of Bitdefender GravityZone alert data into Microsoft Sentinel ASIM schema for unified threat detection. Read More →

GitHub Webhook V2 Connector: CLv2 Migration Ensures Continued GitHub Advanced Security Ingestion

New CLv2-based GitHub Webhook connector replaces deprecated CLv1 API to maintain ingestion of code scanning, Dependabot, and secret scanning alerts. Read More →

SOCRadar XTI Platform: New Extended Threat Intelligence Solution Launches with Bidirectional Sync

SOCRadar XTI Platform solution now available in Content Hub with automated alarm import, incident sync, and comprehensive threat intelligence monitoring capabilities. Read More →

Microsoft 365 Defender Process Parsers: Enhanced File Metadata Visibility

ASIM Process Event parsers for Microsoft 365 Defender now extract file version metadata, improving process attribution and hunt query precision. Read More →

Contrast ADR: CCF Connector Deployment Unlocks Application Attack Visibility

Contrast ADR adds CCF ingestion support with standardized table schemas for production-ready Application Detection and Response monitoring. Read More →

Palo Alto GlobalProtect: New ASIM Authentication Parser for VPN Monitoring

New ASIM parser normalizes GlobalProtect VPN authentication events from CommonSecurityLog table, enabling unified monitoring of gateway and portal authentication across Palo Alto PAN-OS deployments. Read More →

Fortigate ASIM Parser: Field Name Consistency Fix for Network Session Schema

Field name inconsistencies in Fortigate ASIM parsers corrected to ensure proper schema compliance and data normalization. Read More →

Critical Cloudflare Analytics Rules: Enhanced URL Entity Mapping and Repository Maintenance

P0-labeled update improves URL entity mapping in Cloudflare detection rules alongside extensive repository maintenance and validation improvements. Read More →

Azure Firewall ASIM Parsers: Enhanced Detection Coverage for Six New Log Types

New ASIM normalisation parsers added for six Azure Firewall log tables, expanding detection coverage for network sessions, DNS queries, and web traffic analysis. Read More →

ZeroFox CCF Connector: KQL Query Restoration and Multi-Solution Maintenance

ZeroFox CCF connector receives missing KQL query fixes alongside packaging updates across 8+ solutions. Read More →

Salesforce Service Cloud Connector: Column Name Bug Fix Plus Multi-Solution Updates

Fixed critical column name mapping bug in Salesforce Service Cloud CCF connector preventing proper data ingestion. Read More →

Zscaler ZIA ASIM Parser: Device Model Field Parsing Fix Restores Visibility

ASIM WebSession parser for Zscaler ZIA corrected devicemodel parsing logic that was preventing proper device categorization. Read More →