Microsoft Sentinel gains native ingestion from TheHive security incident response platform via CCF connector, enabling case management visibility and response workflow correlation. Read More →

Cyera DSPM connector v3.0.4 fixes DCR transformation failures that prevented data ingestion, restoring visibility into cloud asset security posture and compliance. Read More →

CTM360 HackerView Function App connector was completely broken due to backup flag logic errors, preventing all threat intelligence ingestion until this fix. Read More →

WithSecure Elements Function App connector upgraded from Python 3.10 to 3.12 to align with updated function code. Read More →

Incident-Trigger-Entity-Analyzer playbook upgraded with intelligent user identifier detection, resolving silent failures when entities lack AadUserId. Read More →

Rapid7InsightVM solution adds CCF-based data connector for cloud-native ingestion alongside legacy Function App connector, enhancing deployment flexibility for vulnerability management visibility. Read More →

Microsoft updated the SavedSearches API version in the Versasec CMS solution packaging. Read More →

Major enhancement adds comprehensive table schema extraction from DCR configs and Azure Monitor docs, plus improved discovery source hierarchy for better data source visibility. Read More →

ARM template gains configurable consumer threads for each log type to address Logstash performance bottlenecks in high-volume deployments. Read More →

CyberArk adds CCF-based connector to eliminate Azure Functions dependency for audit data ingestion. Read More →

New solution delivers Trellix ePO endpoint security events via CCF with OAuth2 authentication and comprehensive threat intelligence data. Read More →

Fixes a critical deployment bug present since v1.0.0 where hardcoded placeholder URL caused complete playbook failure for all Content Hub installations. Read More →

Gigamon connector migrated from deprecated Log Analytics method to CCF push architecture, preventing complete loss of network traffic and threat visibility. Read More →

Fixes timeout-induced ingestion failures in offline enrollment log processing and updates duo-client library for security maintenance. Read More →

Google Kubernetes Engine connector documentation updated to reference official Microsoft Learn guides instead of personal repositories. Read More →

Updated ASIM Registry Event parser for Microsoft 365 Defender to include mandatory EventSchema and EventResult fields per schema compliance requirements. Read More →

Compliance update removes credential scanner violations from securestring parameters and aligns all content versions to 3.0.3. Read More →

Major migration from HTTP Data Collector API to CCF RestApiPoller enabling automatic polling with query-time deduplication for IONIX attack surface management data. Read More →

Documentation update adds support for Logstash versions 8.19.2, 9.0.8, 9.1.10, and 9.2.4-9.2.5. Read More →

Critical fix aligns queryPeriod with 5-day learning window, restoring proper baseline computation for abnormal deny rate detection. Read More →