ASIM WebSession Parser: New Cisco Umbrella Proxy Log Coverage
New ASIM parser adds web session visibility for Cisco Umbrella proxy logs, normalizing HTTP/HTTPS traffic data to standard schema. Read More →
Cisco Umbrella Connector: Critical Fix for State Manager Corruption and Data Ingestion Crashes
Cisco Umbrella connector fixes critical null-byte corruption in Azure File Share state markers that was causing complete ingestion failures. Read More →
Varonis Purview Connector: Schema Update Enhances Data Fidelity and Field Coverage
Varonis Purview schema update adds new fields and corrects data types, improving query reliability for asset tracking and classification data. Read More →
Netskope Connector: Title Update to Clarify CCF Usage
Cosmetic title change to clarify the connector uses Codeless Connector Framework for Netskope API ingestion. Read More →
Box Events Connector: Title Update to Clarify CCF Usage
Cosmetic title change from “Box Events (CCP)” to “Box Events (via Codeless Connector Framework)” to reflect current terminology. Read More →
Okta Single Sign-On Connector: Title Update to Clarify CCF Usage
Cosmetic title change to clarify the connector uses Codeless Connector Framework for Okta API ingestion. Read More →
SentinelOne Connector: Title Update to Clarify CCF Usage
Cosmetic title change to clarify the connector uses Codeless Connector Framework for API ingestion. Read More →
Sophos Endpoint Protection Connector: Title Update with Deprecated Terminology
Connector title updated to indicate CCF usage, but incorrectly uses deprecated “Codeless Connector Platform” instead of current “Codeless Connector Framework” terminology. Read More →
VMware Carbon Black Cloud Connector: Title Update to Clarify CCF Usage
Cosmetic title change to clarify the connector uses Codeless Connector Framework for AWS S3 ingestion. Read More →
Microsoft Threat Intelligence: Detection Logic Optimization Risks in Domain/URL Mapping Rule
Analytic rule optimization introduces potential detection gaps by reordering deduplication before indicator validity checks. Read More →
Auth0 CCF Connector: UI Branding Updated for Framework Visibility
Auth0 connector display name updated to clarify CCF implementation, supporting connector adoption transparency. Read More →
IPinfo Connectors: Azure Functions Dependency Fix for Linux Runtime
All IPinfo connector Azure Function packages rebuilt to resolve dependency issues with Linux runtime. Read More →
Commvault Security IQ: Enhanced Threat Scan Event Coverage and Parser Fix
Two new threat scan event types added to ingestion with regex fix for PascalCase field extraction. Read More →
Illumio Connector: Enhanced Security with Managed Identity Authentication
Illumio Function App connector replaces DefaultAzureCredential with ManagedIdentityCredential, eliminating client secret exposure. Read More →
Cyren Threat Intelligence: SentinelOne IOC Automation Solution Deployed
New Content Hub solution automates IOC ingestion from Cyren CCF feeds (IP reputation and malware URLs) into SentinelOne for automated threat detection and response. Read More →
AWS ELB Connector: Public Preview CCF Ingestion for ALB, NLB, and GLB Logs
New CCF connector enables ingestion of AWS Elastic Load Balancer access and flow logs into Microsoft Sentinel for network traffic monitoring and threat detection. Read More →
GreyNoise Threat Intelligence: SDK Update Addresses Function App Runtime Issues
Updated GreyNoise Python SDK to v3.0.3, fixed module mismatches, and bumped Azure Functions runtime to resolve connector stability issues. Read More →
Rubrik Security Cloud: New CCF Connector Unlocks Ransomware Recovery Intelligence
New CCF data connector ingests comprehensive backup status data enabling correlation between security incidents and backup health for rapid ransomware recovery assessment. Read More →
Upwind Cloud Security: New Data Connector Unlocks Cloud Asset Visibility
New Upwind solution enables ingestion of compute platform assets with risk assessments, vulnerability data, and network exposure metrics. Read More →
Cisco Firepower Workbook: Fixed DeviceProduct Filter Restores Dashboard Functionality
Cisco Firepower workbook queries updated from incorrect ‘Firepower’ to ‘FTD’ filter, fixing non-functional dashboard charts. Read More →