Halcyon Anti-Ransomware: Connector Overhaul from ASIM to OCSF Schema Architecture

Halcyon connector migrated from direct ASIM ingestion to OCSF schema with ASIM transformation parsers, replacing 5 custom tables with unified HalcyonEvents_CL table.

SOCRadar XTI Platform: New Extended Threat Intelligence Solution Launches with Bidirectional Sync

SOCRadar XTI Platform solution now available in Content Hub with automated alarm import, incident sync, and comprehensive threat intelligence monitoring capabilities.

Microsoft 365 Defender Process Parsers: Enhanced File Metadata Visibility

ASIM Process Event parsers for Microsoft 365 Defender now extract file version metadata, improving process attribution and hunt query precision.

Microsoft Sentinel Training Lab: Authentication Simplified to UAMI-Only

Training lab removes dual-auth complexity, standardizing on User-Assigned Managed Identity for Microsoft Defender XDR custom detection rule deployment.

BitSight Solution: Packaging Fix Resolves Content Hub Republishing Failure

BitSight solution package updated to v3.1.1 fixing a solution ID issue that prevented proper republishing to Microsoft Sentinel Content Hub.

Cyjax Threat Intelligence Platform: Complete Solution for IOC Ingestion and Investigation

New comprehensive Microsoft Sentinel integration adds automated IOC collection, incident enrichment, and interactive threat intelligence dashboards for the Cyjax platform.

Lookout Connector: ARM Template Fix Prevents Deployment Location Errors

Fixed workspace-location defaultValue in Lookout solution ARM template to prevent deployment failures when location parameter is unset.

Visa Threat Intelligence: Package Publishing Fix for Content Hub Deployment

Resolved package publishing failure by adding missing connector information to UI definition file.

ExtraHop RevealX Connector: Function App Package Reverted to Address Customer Issues

ExtraHop connector reverted to previous function app package to resolve customer-facing deployment issues affecting data ingestion.

AWS CloudTrail Connector: Function App Crash Fix for Unsupported File Types

Fixes potential Python exception in CloudTrail ingestion function when encountering unsupported file formats, preventing data ingestion failure.

Recorded Future Identity: Prepares for Microsoft Defender Portal Migration by Deprecating Legacy Incident Creation

Recorded Future Identity solution deprecates Logic Apps-based incident creation and introduces Analytic Rules for Microsoft Defender Portal compatibility.

SAP ETD Cloud: User Account Correlation Now Available After Data Collection Gap

SAP ETD alerts now surface user account names and email addresses for incident correlation, filling a critical entity mapping gap that prevented effective identity-based investigations.

PowerShell Tool Simplifies CLv1 Table Migration Assessment Before September 2026 Deadline

New PowerShell script automates discovery of classic custom log tables and dependency impact assessment for the mandatory HTTP Data Collector API migration.

Microsoft Sentinel Training Lab: Federation and Split Transformation Capabilities Expanded

Two advanced data ingestion exercises added to training lab covering ADLS Gen2 federation and tier-based transformation routing.

Dynatrace Solution: DCR Migration Introduces v2 Connectors for All Data Sources

All Dynatrace connectors migrated to DCR-based CCF architecture with dual-version parser support for seamless transitions.

AWS S3 and CEF Connectors: Security Alert Remediation Fixes Error Handling Gaps

Python connector security vulnerabilities patched with improved error handling and null check additions.

Upwind Solution: Publisher ID Update for Content Hub Validation

Updated publisher ID in Upwind solution metadata to comply with Content Hub deployment requirements.

Proofpoint POD Connector: Critical Time Parameter Fix to Prevent Data Gaps

Proofpoint POD connector updated to include sinceTime parameter configuration, addressing potential data collection gaps during initial ingestion windows.

Microsoft Sentinel Logstash Plugin: Documentation Update Reveals Major Architecture Changes

Documentation updated for Logstash output plugin to reflect version 2.1.0 with Ruby-to-Java refactor, managed identity support, and closed-source transition.

Recorded Future Sandbox: Enhanced Region Support and Improved Threat Intelligence Structure

Recorded Future adds sandbox region configuration parameter and moves threat intelligence evidence details to comply with STIX standard structure.