Lookout Connector: ARM Deployment Fix Restores API Key Authentication

A syntax error in the Lookout connector ARM template blocked API key deployments with a double-bracket parse failure.

Atlassian Jira Connector Rebrand: "REST API" to "CCF" Terminology Update

Atlassian Jira Audit connector rebranded to reflect Codeless Connector Framework terminology.

GitHub 2FA Detection Restored: Critical Blind Spot Fixed After Parser Migration

GitHub Enterprise 2FA disablement detection rule was completely broken due to deprecated table reference — restored monitoring for T1562 defense impairment.

Microsoft Copilot Connector: Updated Product Scope Description

Clarifies connector description to specify M365 Copilot and Security Copilot coverage alongside general improvements.

CrowdStrike Adversary Intelligence Connector: Function App Deployment Fix

Version constraint fix restores Function App deployment after Azure Functions runtime compatibility issue.

ASIM Data Tester Enhanced: New Type Validation for Asset Schema Fields

ASIM Data Tester adds DynamicType and ArrayValuesType validation columns to improve dynamic field type checking accuracy.

Zoom Reports CCF Connector: Table Migration From Legacy Zoom_CL to ZoomV2_CL Schema

CCF connector now ingests to ZoomV2_CL with normalized field names, avoiding conflicts with legacy Function App deployments using Zoom_CL.

ASIM AuditEvent Parser: Azure SQL Security Audit Data Normalized for Detection

New ASIM parser enables normalized analysis of SQL security audit events from SQLSecurityAuditEvents and AzureDiagnostics tables.

New Censys Solution: Attack Surface Intelligence and Entity Enrichment

Adds comprehensive playbook automation for Censys threat intelligence enrichment, providing IP/domain/certificate context during incident investigation.

CyberArk Audit Connector: Enhanced Documentation and Deployment Warnings

Function App connector updated with critical migration disclaimers to prevent dual-deployment data duplication.

Checkmarx Audit Log Ingestion Playbook: Security Event Monitoring Integration

New playbook for ingesting Checkmarx audit log events into Microsoft Sentinel via DCR/DCE for security event monitoring and compliance.

Checkmarx SAST Ingestion Playbook: Static Application Security Testing Integration

New playbook for ingesting Checkmarx SAST scan findings into Microsoft Sentinel via DCR/DCE for application vulnerability tracking.

D3 Smart SOAR Connector: Fixing Critical Duplicate Incident Ingestion

Fixes broken paging mechanism that was causing duplicate D3 Smart SOAR incidents to be ingested into Microsoft Sentinel.

ASIM Schema Standardization: Removing Unused User Role Fields Across Multiple Schemas

Cleanup of unused Actor/Target user role fields and alignment of empty parsers improves schema consistency but does not affect active detection capabilities.

Semperis Lightning: New Active Directory Security Monitoring Platform Added to Content Hub

Semperis Lightning connector brings comprehensive Active Directory tier-0 attack path monitoring and privileged access visibility to Microsoft Sentinel via real-time API ingestion.

A365 Observability Connector: New AI Agent Telemetry Visibility in Microsoft Sentinel

New data connector for AI agent behavior monitoring brings telemetry from A365, AI Foundry, and Copilot into Microsoft Sentinel for security investigations.

AWS EKS Connector: Critical Data Ingestion Fix for Missing Table Configuration

The CCF connector was unable to ingest any data because an empty destinationTable field prevented log routing to AWSEKSLogs_CL.

Threat Intelligence: Duo Security IP Detection Updated for ASIM Schema Compliance

IPEntity_DuoSecurity detection migrated from legacy DuoSecurityAuthentication_CL table to normalized CiscoDuo ASIM schema.

IPinfo Data Connectors: Critical Function App Runtime Fix for Production Deployment

Azure Functions were completely non-functional for marketplace deployments because an incorrect zip folder structure prevented the runtime from locating host.json.

Alibaba Cloud Networking: New CCF Connector Brings VPC Flow, WAF, and API Gateway Visibility

Microsoft Sentinel gains visibility into Alibaba Cloud network infrastructure with a new CCF connector supporting VPC Flow Logs, WAF events, and API Gateway data ingestion via Simple Log Service.