ASIM NetworkSession Parser: Critical IP Address Mapping Fix for Azure NSG Flow Data

Azure NTANetAnalytics parser now correctly maps source and destination IP addresses from PublicIPs fields when primary IP fields are empty, closing a data fidelity blind spot.

OCI Data Connector: Packaging Configuration Fix

Oracle Cloud Infrastructure connector package repair addresses polling configuration naming issue preventing proper deployment.

VMware ESXi Solution: Broken Link Removed

Documentation maintenance removing broken link from VMware ESXi solution.

SAP BTP: 10 New Enterprise Security Detections for Cloud Integration and Identity Service

New threat detection coverage for SAP BTP Cloud Integration tampering, identity service compromise, and audit service availability.

AWS Access Logs: Security Enhancement for SQS Principal Access Control

AWS S3 Server Access Logs CloudFormation template receives critical security update restricting SQS queue principal from wildcard to S3 service only.

Armis IoT Security Solution: Enhanced Log Ingestion and Data Collection Rule Integration

Major enhancement to Armis data connectors implementing Azure Monitor Logs Ingestion API with DCR support for improved data fidelity and performance.

Schema Correction: MITRE ATT&CK Field Name Fix Across Multiple Solutions

Critical schema update replaces deprecated requiredTechniques field with correct relevantTechniques field in analytic rules.

Threat Intelligence: Alert Severity Field Standardisation and Query Optimisation

Threat Intelligence solution updated with standardised severity field naming and query performance improvements in IP entity analytics.

Snowflake Connector: Data Ingestion Timing Fix and Parser Field Corrections

Snowflake connector updated with 120-minute ingestion delay and corrected timestamp parsing to address customer-reported data gaps.

Major Solution Release: Cyble Vision and Tropico Solutions Added Plus Multi-Solution Updates

Large release adds two new threat intelligence solutions (Cyble Vision, Tropico) and updates to 15+ existing solutions across the repository.

Miro Solution: New Enterprise Collaboration Security and Compliance Monitoring

New Miro solution added with CCF connectors for audit logs and content logs to enable collaboration platform security monitoring.

Microsoft Entra ID: New Conditional Access Security Insights and Monitoring Workbook

New Conditional Access SISM workbook added to provide comprehensive CA policy monitoring and Zero Trust analytics.

SAP BTP Tools: Improved Connection Management and Subaccount Naming

SAP BTP connector tools updated with better subaccount handling, connection naming, and performance optimisations.

WithSecure Elements Connector: Critical Security Fix for HTTP Decompression Vulnerabilities

WithSecure Elements connector urllib3 dependency updated to address two high-severity CVEs causing potential DoS attacks.

Box Connector: Critical Security Fix for HTTP Decompression Vulnerabilities

Box connector urllib3 dependency updated to address two high-severity CVEs causing potential DoS attacks.

Infoblox NIOS Parsers: Enhanced Log Filtering Reduces Noise in DHCP Monitoring

Updated Infoblox NIOS parsers exclude additional administrative log categories to improve signal-to-noise ratio.

Intel471: Added Verity471 Platform Support for Enhanced Malware Intelligence

Intel471 solution now supports the new Verity471 backend alongside Titan for ingesting malware threat indicators.

New Cyble Vision Threat Intelligence Solution: Comprehensive CCF-Based Alert Platform

Massive new Cyble Vision solution providing 40+ specialized detection rules and parsers for diverse threat intelligence feeds from dark web to cloud security.

GCP IAM Detection Logic Fixed — Correcting Service Account Key Detection Gaps

Two GCP IAM analytic rules had syntax errors preventing proper detection of token generation and key enumeration attacks.

SOX IT Compliance Solution Released: IT Change Monitoring for Financial Controls

New compliance monitoring solution provides IT systems change tracking and segregation of duties controls for Sarbanes-Oxley compliance programs.