Auto-generated summaries of every merged PR in the Azure-Sentinel GitHub repo

AWS Security Hub Solution v3.0.4: Workbook Metadata Correction

Fixes missing workbook metadata in AWS Security Hub solution package without changing detection or ingestion logic. Read More →

Azure SQL Database Detection Rules: Enhanced MITRE Coverage and Alert Context

Quality improvements to 10 Azure SQL analytic rules add missing MITRE techniques, alert customization, and standardized query outputs. Read More →

SAP ETD: New Telemetry Tampering Detection Rules Target Defense Evasion

Two SAP Enterprise Threat Detection rules added to detect feed silence and per-SID data gaps, addressing T1562 defense evasion techniques. Read More →

SAP BTP: Enhanced Cloud Integration Deployment Detection with Audit Configuration Events

SAP BTP analytic rule reworked to use audit.configuration events, providing richer artifact context and improved actor attribution for Cloud Integration deployments. Read More →

Field Effect MDR Integration: New CCF Connector Delivers Cloud-Based Threat Detection

Field Effect MDR solution adds Microsoft Sentinel ingestion for ARO (Automated Response Operations) alerts via CCF, expanding managed detection coverage. Read More →

MuleSoft CloudHub: CCF Alerts Connector Expands DevOps Monitoring Coverage

New CCF connector adds alert ingestion capability to existing MuleSoft CloudHub logs solution, enabling comprehensive application lifecycle monitoring. Read More →

AWS Security Hub Compliance Workbook Metadata Added to Content Registry

Workbook metadata entry added for AWS Security Hub compliance visualization — workbook content deployment follows separately. Read More →

Cisco ETD: Migration to Message Event Logs API with Enhanced Email Security Visibility

Labeled P0: a complete connector overhaul migrates to the new Message Event Logs REST API, providing email visibility beyond convicted messages; deployment and pipeline breakage risk should be assessed explicitly before upgrading. Read More →

Contrast ADR: Enhanced Attack Event Schema with Code Location and Vector Analysis Fields

CCF connector schema updated to capture additional attack context with codeLocation, vectorAnalysis, and request_parameters fields for improved threat analysis. Read More →

StealthTalk: New Enterprise Authentication Monitoring Solution with MITRE-Mapped Detection Portfolio

Complete StealthTalk Enterprise solution delivers four analytic rules targeting credential attacks (T1078, T1110, T1098) plus ASIM Authentication parsers and Teams integration. Read More →

Bitdefender GravityZone Parser: Critical Fix for Network Sandboxing Event Parsing Failure

The ASIM parser for Bitdefender GravityZone was failing due to a missing type cast, breaking parsing of network sandboxing events. Read More →

Solutions Analyzer v9.8: Connector Discovery Accuracy and Documentation Deep-Links

Enhanced Solutions Analyzer tooling improves connector discovery accuracy and adds artifact deep-linking for external integrations. Read More →

Salesforce Service Cloud: New ASIM WebSession Parser Enables Normalized API/Web Request Monitoring

ASIM WebSession parser for Salesforce Service Cloud normalizes API and web session logs into standardized schema, enabling unified monitoring across SaaS platforms. Read More →

MuleSoft CloudHub: CCF Push Connector Eliminates API Rate Limits and Duplicate Data Issues

MuleSoft adds a real-time Log4j HTTP appender push connector via CCF, giving customers a higher-performance alternative to the existing Azure Function connector. Read More →

Microsoft 365 Audit Pipeline: Two New CCF Connectors Fill Copilot, DLP, and Specialty Workload Visibility Gap

New dual-connector CCF solution ingests 30 Microsoft 365 audit workloads including Copilot interactions, DLP events, and 29 specialty services into a unified 321-column schema. Read More →

Cyren Threat Intelligence: Data Fidelity Fix Corrects IP Field Pollution by URL UUIDs

A DCR transform fix stops malware URL UUIDs from being stored in IP fields, improving data quality for threat intelligence queries. Read More →

Pathlock TDnR Connector: Critical JSON Fix Restores Deployment Capability

Invalid JSON in the Pathlock TDnR connector definition blocked deployment through strict JSON parsers; critical fix for a P0 issue. Read More →

Cisco Meraki Parser: Critical Self-Reference Recursion Fixed After v3.0.5 Packaging Error

Restores Cisco Meraki parser functionality by fixing a table reference that pointed the parser at itself, causing recursive failure and breaking all downstream queries. Read More →

Valimail Enforce Solution: Publisher Name Typo Corrected in Sentinel UI

Fixes misspelled publisher name from Valimmail to Valimail in the Data Connector configuration UI. Read More →

Agent 365 Solution: Content Hub Update Detection Restored After Package ID Mismatch

Restores Agent 365 v3.1.1 Content Hub update detection by fixing solution ID mismatch that prevented upgrade notifications. Read More →