Veeam Solution: New Backup Security Monitoring with Malware Detection and Compliance Analysis

New Veeam solution added providing comprehensive security monitoring for backup infrastructure with malware scanning, compliance analysis, and threat detection capabilities.

Onapsis Defend Connectors: Broken Documentation Links Removed

Fixed connector documentation by removing non-functional links to workspace key documentation.

Threat Intelligence Connectors: ThreatIntelObjects Data Source Visibility Added

All TI data connector templates now monitor the new ThreatIntelObjects table, expanding threat intelligence visibility beyond traditional indicators.

Data Connectors: CodeQL Alert Suppression for Legacy Components

Added suppression comments for CodeQL security alerts in deprecated connectors and backward compatibility modules.

Google Cloud Platform NAT Solution: Packaging Update

GCP NAT solution packaging updated to version 3.0.1 with minor metadata revisions.

GCP Connectors Promoted to General Availability: Cloud Run, NAT, and Resource Manager

Three Google Cloud Platform CCF connectors graduate from Preview to GA status, indicating production readiness for enterprise deployment.

Threat Analysis & Response Workbook: Enhanced Visualizations and UI Improvements

Workbook update adds graphical views to complement table displays and fixes missing data source statistics headers.

Threat Intelligence DNS Detection: Alert Description Field Mapping Fix Enables Threat Context

Threat Intelligence imDns_IPEntity_DnsEvents rule updated to fix the alert description field mapping, replacing the non-existent Type field with ThreatType and restoring threat classification in DNS alerts.

Azure Firewall Detection: Critical Time Range Fix Prevents Overlapping Alerts and Query Failures

Azure Firewall Abnormal Port to Protocol rule updated to fix brittle time range handling that caused duplicate alerts and failed detection when runtime was modified.

Microsoft Entra ID Conditional Access Rules: Incident Configuration Fix Resolves Rule Creation Failures

Microsoft Entra ID Conditional Access detection rules updated to fix the lookbackDuration format that prevented rule deployment in Microsoft Sentinel workspaces.

Threat Intelligence Detection: Alert Description Field Mapping Fix Restores Dynamic Content

Threat Intelligence DomainEntity_imWebSession rule updated to fix alert description field mapping, replacing non-existent Type field with ThreatType for proper alert context.

Zscaler Private Access Parser: Enhanced Field Coverage Improves Network Session Visibility

ZPAEvent parser updated to version 1.0.3 with additional fields for SessionID, IPProtocol, and ClientCountryCode, improving zero-trust network monitoring capabilities.

GitHub Webhook Connector: Deprecated Status Removed, Restored to Active Support

GitHub webhook connector restored from deprecated status, indicating renewed support for GitHub security event ingestion via webhooks.

Cisco Umbrella Elastic Premium Connector: Data Consistency Fix Aligns with Standard Connector

Cisco Umbrella elastic premium connector updated to match standard connector data types and table structures for consistent log processing and queries.

ProofPoint TAP Connector: Critical API Parameter Update Restores Complete Data Ingestion

ProofPoint TAP CCF connector updated from deprecated sinceTime to interval-based polling, addressing incomplete data retrieval that affected threat visibility.