Slack Audit Solution: Enhanced Detection Logic and Alert Enrichment

Slack Audit analytic rules, hunting queries, and workbook upgraded with improved KQL logic, custom alert details, and enhanced entity mappings for stronger workspace monitoring.

Defender for Endpoint: Cryptographic Identity Baselining Hunting Query for Process Network Anomalies

New hunting query detects first-time network connections by processes using cryptographic signer baselining to defeat DLL sideloading and BYOTA attacks.

Azure Firewall Detection Quality Overhaul: Enhanced Alert Context and Reduced Query Costs

Comprehensive quality improvements to 11 Azure Firewall detections and 5 hunting queries add entity mappings, custom details, and query optimizations to reduce false positives and improve incident context.

Netskope Secure Web Gateway Solution: New Detection Coverage for Cloud Application Visibility

New Netskope solution adds 10 detections for web transaction monitoring including impossible travel, excessive downloads, shadow IT detection, and data exfiltration patterns.

New Attack Surface Management Solution: blacklens.io Brings External Threat Visibility to Microsoft Sentinel

blacklens.io Attack Surface Management platform now available in Content Hub with webhook-based alert ingestion and automated incident creation.

Threat Intelligence: URL IOC Detection Added for Web Session Monitoring

New Analytic Rule enables detection of malicious URLs from threat feeds in web traffic, closing a coverage gap for URL-based indicators.

Global Secure Access: Enhanced Threat Intelligence Correlation and MCP Monitoring

New analytic rules correlate threat intelligence indicators with GSA traffic while the MCP Servers Dashboard provides Model Context Protocol server monitoring.

Google Threat Intelligence: Enhanced Threat Hunting with MITRE ATT&CK Integration

Updated threat hunting rules add MITRE ATT&CK mappings and fix parser function calls for improved threat detection coverage.