IPinfo: Multi-Workspace Support and Function App Deployment Reliability Improvements

Comprehensive update to 17 IPinfo connectors enhancing deployment reliability with runtime pinning, dependency fixes, and multi-workspace DCR support.

Lookout Connector: Critical DCR Transform Fix Restores Mobile Threat Visibility

Critical fix resolves undefined symbol error that prevented Lookout connector creation, restoring mobile threat detection capability.

Trend Micro Vision One: Azure Storage Account TLS Security Hardening

Critical security hardening update enforces minimum TLS 1.2 for Azure storage accounts in Function App deployment template.

DataBahn Platform: New CCF Connector for Real-Time Security Telemetry Ingestion

New CCF push connector enables direct ingestion of DataBahn audit logs, alerts, and device inventory into Microsoft Sentinel.

Azure Activity: Hunting Query Documentation Enhancement for Custom Script Extensions

Minor documentation improvement clarifying protected settings visibility in Custom Script Extension hunting query.

Solutions Analyzer Tools: Kusto Upload, CCF Legacy Support, and Parser Analysis Enhancements

Major tooling update adds Kusto integration, improves CCF connector classification, and fixes ASIM parser documentation generation.

ASIM FileEvent Parser: New AWS CloudTrail S3 Support Added

New FileEvent parser enables normalized S3 object activity monitoring from AWS CloudTrail logs across bucket operations and object lifecycle events.

New CCF Template: Azure Storage Blob Data Connector

New Codeless Connector Framework template enables ingestion from Azure Storage blob containers via event-driven data flows.

Solution Creation Tools: API Version Update for Saved Searches

Updated savedSearches API version from 2022-10-01 to 2025-07-01 in solution metadata generation tool.

Cyren Threat Intelligence: Critical Fix for 1,535:1 Duplicate Data Ingestion

Configuration updates eliminate massive duplicate indicator ingestion caused by small page sizes and frequent polling intervals.

Threat Intelligence: URL IOC Detection Added for Web Session Monitoring

New Analytic Rule enables detection of malicious URLs from threat feeds in web traffic, closing coverage gap for URL-based indicators.

CognyteLuminar: Deployment Configuration and Soft Link Updates

ARM template deployment links updated and Function App soft links corrected for flex and premium consumption plans.

Zscaler Internet Access: Major Platform Modernization with CloudNSS CCP Connectors

Complete solution overhaul replaces legacy connectors with 15 CloudNSS CCP connectors and 12 OAuth2 playbooks for enhanced Zscaler integration.

TacitRed CrowdStrike IOC Automation: Critical Deployment Fix and Template Visibility

Fixed InvalidResourceLocation deployment error and missing playbook template discovery for TacitRed CrowdStrike IOC automation solution.

TacitRed-SentinelOne Solution: Critical Deployment Fix for Content Hub Installation Failures

Fixed InvalidResourceLocation deployment error and removed restrictive domain filter that was preventing TacitRed IOC automation deployments.

Microsoft Defender XDR Solution: Punycode Hunting Query Added for Lookalike Domain Detection

Microsoft Defender XDR solution v3.0.14 adds hunting query targeting Punycode character abuse in lookalike domain attacks.

Microsoft Sentinel Logstash Plugin: Passwordless Authentication with Managed Identity Support

Logstash output plugin enhanced with managed identity authentication for Azure VMs, AKS workload identity, and Azure Arc servers.

Visa Threat Intelligence Solution: Initial Package Release with IOC Detection Rules

New Visa Threat Intelligence (VTI) solution providing IOC feeds via DCR connector with high-severity detection rules for domains and file hashes.

JoeSandbox Solution: Updated Deployment Links and Removed Manual Installation Steps

JoeSandbox solution deployment documentation updated with corrected Azure links and streamlined automated deployment options.

MailRisk CCF Connector: Critical Parameter Syntax Fix for Deployment Failures

Fixed CCF deployment blocking issue in MailRisk connector caused by incorrect ARM template parameter extraction syntax.