GDPR Workbook: Expanded Asset Coverage Beyond On-Prem Hosts

GDPR compliance workbook now monitors security alerts across Azure, AWS, GCP, and blob storage assets, not just traditional servers.

Critical Cloudflare Analytics Rules: Enhanced URL Entity Mapping and Repository Maintenance

P0-labeled update improves URL entity mapping in Cloudflare detection rules alongside extensive repository maintenance and validation improvements.

Azure Firewall ASIM Parsers: Enhanced Detection Coverage for Six New Log Types

New ASIM normalisation parsers added for six Azure Firewall log tables, expanding detection coverage for network sessions, DNS queries, and web traffic analysis.

Cisco Umbrella Connector: Schema v14 Compatibility and Documentation Updates

Updates Cisco Umbrella Function App connectors to support log schema version 14 with enhanced workspace key documentation.

Anomalous Single Factor Sign-in Detection: Critical Logic Revert Due to False Positives

Reverts detection rule logic changes after a GitHub issue reported incorrect filtering logic that was causing operational problems.

Solutions Analyzer Tool: Automated Connector Documentation Generation

Solutions Analyzer tool enhanced to generate markdown documentation files for all 1000+ connectors in addition to CSV output.

ZeroFox CCF Connector: KQL Query Restoration and Multi-Solution Maintenance

ZeroFox CCF connector receives missing KQL query fixes alongside packaging updates across 8+ solutions.

Google Threat Intelligence: Enhanced Threat Hunting with MITRE ATT&CK Integration

Updated threat hunting rules add MITRE ATT&CK mappings and fix parser function calls for improved threat detection coverage.

ASIM Authentication Parsers: Hostname Resolution and Alias Fixes

Fixes SrcHostname resolution logic and IpAddr aliases in Microsoft Windows Event and SSH authentication parsers.

Linux Support for Sentinel Transition Helper: Cross-Platform SOC Analysis Tool

Added Linux-compatible version of Sentinel Transition Helper script using Azure CLI for cross-platform SOC environment analysis.

Security Cleanup: Removing Vulnerable Legacy O365 Teams and RDAP Tools

Deleted legacy O365 DataCSharp Teams connector and RDAPQuery tool due to vulnerable .NET dependencies and security risks.

New Solutions Analyzer Tool: Automated Connector-to-Table Mapping for Security Operations

Released Solutions Analyzer tool for automated discovery and mapping of connector-to-table relationships across Sentinel solutions with CSV reporting.

Authomize Connector: Critical requests Library CVE-2024-47081 Security Fix

Authomize connector dependency updated to address credential leakage vulnerability in requests library.

Cisco Umbrella: Enhanced Data Fidelity with Log Format v13-v14 Support

Added support for Cisco Secure log formats v13-v14, exposing AI model tracking and event correlation fields for improved threat context.

Microsoft Defender XDR Workbook Version 3: Enhanced Visualizations and Insights

Updated Microsoft Defender for Office 365 workbook to version 3 with new visuals and improved insights based on user feedback.

ZeroFox Connector: Fixing Stream Naming Inconsistency Breaking Alert Ingestion

Stream name mismatch between DCR and connector config prevented ZeroFox threat alerts from reaching Sentinel workspaces.

Open Systems Solution: Logo Update and Contact Email Correction

Marketplace certification fixes for Open Systems solution: updated SVG logo path and corrected contact email address for Azure Marketplace deployment.

Fortinet FortiNDR Cloud: Security Update Addresses Python Requests CVE-2024-47081

Critical security update patches CVE-2024-47081 netrc credential leak vulnerability in Python requests library.

ContrastADR Solution: Parser Logic Enhancement and Workbook Fixes

ContrastADR parsers updated with column_ifexists logic for improved error handling and workbook template fixes.

Microsoft 365 Defender ASIM: Fixed Field Compatibility Issue in Authentication Parsers

M365 Defender authentication parsers updated to handle optional _ItemId field, resolving parser failures in some client environments.