T1571

May 6, 2026

Azure Firewall Detection Quality Overhaul: Enhanced Alert Context and Reduced Query Costs

Comprehensive quality improvements to 11 Azure Firewall detections and 5 hunting queries add entity mappings, custom details, and query optimizations to reduce false positives and improve incident context. Read More →

August 29, 2025

Azure Firewall Detection: Critical Time Range Fix Prevents Overlapping Alerts and Query Failures

Azure Firewall Abnormal Port to Protocol rule updated to fix brittle time range handling that caused duplicate alerts and failed detection when runtime was modified. Read More →

Auto-generated content based on the Azure-Sentinel GitHub repo.

Microsoft Sentinel is a trademark of Microsoft Corporation.