IPinfo Connectors: Azure Functions Dependency Fix for Linux Runtime
All IPinfo connector Azure Function packages rebuilt to resolve dependency issues with Linux runtime. Read More →
Changelog
Commvault Security IQ: Enhanced Threat Scan Event Coverage and Parser Fix
Two new threat scan event types added to ingestion with regex fix for PascalCase field extraction. Read More →
Illumio Connector: Enhanced Security with Managed Identity Authentication
Illumio Function App connector replaces DefaultAzureCredential with ManagedIdentityCredential, eliminating client secret exposure. Read More →
Cyren Threat Intelligence: SentinelOne IOC Automation Solution Deployed
New Content Hub solution automates IOC ingestion from Cyren CCF feeds (IP reputation and malware URLs) into SentinelOne for automated threat detection and response. Read More →
AWS ELB Connector: Public Preview CCF Ingestion for ALB, NLB, and GLB Logs
New CCF connector enables ingestion of AWS Elastic Load Balancer access and flow logs into Microsoft Sentinel for network traffic monitoring and threat detection. Read More →
GreyNoise Threat Intelligence: SDK Update Addresses Function App Runtime Issues
Updated GreyNoise Python SDK to v3.0.3, fixed module mismatches, and bumped Azure Functions runtime to resolve connector stability issues. Read More →
Rubrik Security Cloud: New CCF Connector Unlocks Ransomware Recovery Intelligence
New CCF data connector ingests comprehensive backup status data enabling correlation between security incidents and backup health for rapid ransomware recovery assessment. Read More →
Upwind Cloud Security: New Data Connector Unlocks Cloud Asset Visibility
New Upwind solution enables ingestion of compute platform assets with risk assessments, vulnerability data, and network exposure metrics. Read More →
Cisco Firepower Workbook: Fixed DeviceProduct Filter Restores Dashboard Functionality
Cisco Firepower workbook queries updated from incorrect ‘Firepower’ to ‘FTD’ filter, fixing non-functional dashboard charts. Read More →
Lookout Connector: ARM Deployment Fix Restores API Key Authentication
Lookout connector ARM template syntax error blocked API key deployments with double bracket parse failure. Read More →
Atlassian Jira Connector Rebrand: "REST API" to "CCF" Terminology Update
Atlassian Jira Audit connector rebranded to reflect Codeless Connector Framework terminology. Read More →
GitHub 2FA Detection Restored: Critical Blind Spot Fixed After Parser Migration
GitHub Enterprise 2FA disablement detection rule was completely broken due to deprecated table reference — restored monitoring for T1562 defense impairment. Read More →
Microsoft Copilot Connector: Updated Product Scope Description
Clarifies connector description to specify M365 Copilot and Security Copilot coverage alongside general improvements. Read More →
CrowdStrike Adversary Intelligence Connector: Function App Deployment Fix
Version constraint fix restores Function App deployment after Azure Functions runtime compatibility issue. Read More →
ASIM Data Tester Enhanced: New Type Validation for Asset Schema Fields
ASIM Data Tester adds DynamicType and ArrayValuesType validation columns to improve dynamic field type checking accuracy. Read More →
Zoom Reports CCF Connector: Table Migration From Legacy Zoom_CL to ZoomV2_CL Schema
CCF connector now ingests to ZoomV2_CL with normalized field names, avoiding conflicts with legacy Function App deployments using Zoom_CL. Read More →
ASIM AuditEvent Parser: Azure SQL Security Audit Data Normalized for Detection
New ASIM parser enables normalized analysis of SQL security audit events from SQLSecurityAuditEvents and AzureDiagnostics tables. Read More →
New Censys Solution: Attack Surface Intelligence and Entity Enrichment
Adds comprehensive playbook automation for Censys threat intelligence enrichment, providing IP/domain/certificate context during incident investigation. Read More →
CyberArk Audit Connector: Enhanced Documentation and Deployment Warnings
Function App connector updated with critical migration disclaimers to prevent dual-deployment data duplication. Read More →
Checkmarx Audit Log Ingestion Playbook: Security Event Monitoring Integration
New playbook for ingesting Checkmarx audit log events into Microsoft Sentinel via DCR/DCE for security event monitoring and compliance. Read More →