MongoDB Atlas Solution: New Database Activity Monitoring with Administration API Integration

New MongoDB Atlas solution added providing database administration log ingestion via Function App for monitoring database operations, access patterns, and configuration changes.

Varonis SaaS Connector: Critical State Management Fix to Prevent Data Loss

Varonis SaaS connector updated with blob state persistence to track last alert ingest time and prevent potential data loss during connector restarts.

Lumen Threat Intelligence Solution: Comprehensive New Threat Feed Integration

Complete new solution with 10 analytic rules, hunting queries, workbook, and Azure Durable Function connector for Lumen threat intelligence integration.

Veeam Enterprise Solution: Major Enhancement with 137+ Detection Rules and Advanced Data Collection

Comprehensive Veeam solution update adds extensive security monitoring with 137+ new detection rules, enhanced function app data connector, and streamlined deployment.

Veeam Solution: Table Rename Fix for Microsoft Defender Portal Compatibility

Veeam solution updated with table rename from VeeamSession_CL to VeeamSessions_CL to ensure proper display in Microsoft Defender Portal.

Illumio Insights Enhanced: New Summary Connector and Improved Authentication

Illumio solution expands with new Insights Summary connector for compliance managers and threat hunters, plus improved API authentication structure.

Windows Audit Coverage Checker Workbook Added for Enhanced Security Visibility

New community workbook provides focused visibility tool for Windows Security auditing coverage assessment in Microsoft Sentinel deployments.

Dataminr Pulse: Azure Government Cloud Deployment Support Added

Dataminr Pulse connector adds Azure Government Cloud deployment button for government environments.

Contrast ADR Solution: Refined Alert Formatting and Detection Logic Updates

Six Contrast ADR analytic rules updated with improved alert descriptions and custom table schema changes for better incident clarity.

Check Point Cyberint IOC Connector: Table Name Fix Restores Data Ingestion

Fixed incorrect table reference (iocsent_CL) in Check Point Cyberint IOC connector that was preventing data ingestion.

SAP Agentless Solution: Safe Extraction Limit Added for Data Processing

SAP agentless integration package updated with safe limit parameter for extraction operations, enhancing data processing control.

Azure Security Benchmark Workbook: Network Map Component Removed Due to Repository Deprecation

Network mapping visualization removed from Azure Security Benchmark workbook following upstream repository deprecation.

Microsoft Defender XDR: Attack Simulator Training Playbook for Phishing Non-Reporters

New playbook automatically educates users who failed to report phishing emails by triggering Attack Simulator training simulations.

CMMC 2.0 Workbook: Network Map Component Removed Due to Deprecation

Cybersecurity Maturity Model workbook updated to remove deprecated network mapping functionality.

Microsoft Copilot Solution: New AI Security Monitoring with LLM Activity Telemetry

New Microsoft Copilot solution added providing AI-powered assistant usage monitoring and security telemetry through LLMActivity table ingestion via DCR framework.

GitHub Enterprise Audit Logs Connector: Critical Setup Instructions Updated

Labeled P0 — GitHub CCF connector setup instructions fixed to clarify API token scope requirements.

Jamf Protect: Enhanced Parsing for New macOS Security Events and Process Audit Fields

Jamf Protect parsers updated to support TCC modifications, network connections, and pseudoterminal events plus enhanced process audit tokens.

Snowflake Connector: Critical Data Fidelity and Reliability Improvements

Snowflake CCF connector fixed to prevent duplicate data ingestion, improve pagination handling, and reduce connection failures.

Threat Intelligence Workbook: Query Logic Fix for Indicator Visualization

Workbook query issue resolved in Threat Intelligence solution — improves analyst dashboard reliability.

NordPass Solution: Data Breach Scanner Detection Rules and Enhanced Connector Logic

Two new analytic rules detect domain and user data breaches on the dark web, with enhanced ingestion logic for NordPass Data Breach Scanner integration.