T1059

May 28, 2026

ASIM AlertEvent Support Added for Bitdefender GravityZone Security Platform

New parsers enable normalization of Bitdefender GravityZone alert data into Microsoft Sentinel ASIM schema for unified threat detection. Read More →

May 18, 2026

AWS Content Quality Overhaul: Standardized Detection Rules and Improved Entity Mappings

Comprehensive quality improvements to 61 AWS Analytic Rules and 35 Hunting Queries with standardized naming conventions, normalized MITRE technique mappings, and updated entity field references from legacy AccountCustomEntity to UserIdentityUserName. Read More →

January 5, 2026

SAP BTP: 10 New Enterprise Security Detections for Cloud Integration and Identity Service

New threat detection coverage for SAP BTP Cloud Integration tampering, identity service compromise, and audit service availability. Read More →

October 9, 2025

AWS and VMware ESXi: Three New Analytic Rules for Execution, Exfiltration, and Lateral Movement

Three new Analytic Rules added across AWS CloudTrail and VMware ESXi — detecting EC2 startup script tampering (T1059), anonymous S3 object exfiltration (T1530), and SSH enablement on ESXi hosts (T1021). Read More →

Auto-generated content based on the Azure-Sentinel GitHub repo.

Microsoft Sentinel is a trademark of Microsoft Corporation.