Checkmarx SAST Ingestion Playbook: Static Application Security Testing Integration
New playbook for ingesting Checkmarx SAST scan findings into Microsoft Sentinel via DCR/DCE for application vulnerability tracking.
Fixes broken paging mechanism that was causing duplicate D3 Smart SOAR incidents to be ingested into Microsoft Sentinel.
Cleanup of unused Actor/Target user role fields and alignment of empty parsers improves schema consistency but does not affect active detection capabilities.
Semperis Lightning connector brings comprehensive Active Directory tier-0 attack path monitoring and privileged access visibility to Microsoft Sentinel via real-time API ingestion.
New data connector for AI agent behavior monitoring brings telemetry from A365, AI Foundry, and Copilot into Microsoft Sentinel for security investigations.
CCF connector was unable to ingest any data due to empty destinationTable field preventing log routing to AWSEKSLogs_CL.
IPEntity_DuoSecurity detection migrated from legacy DuoSecurityAuthentication_CL table to normalized CiscoDuo ASIM schema.
Azure Functions were completely non-functional for marketplace deployments due to incorrect zip folder structure preventing runtime from locating host.json.
Microsoft Sentinel gains visibility into Alibaba Cloud network infrastructure with a new CCF connector supporting VPC Flow Logs, WAF events, and API Gateway data ingestion via Simple Log Service.
CrowdStrike API Data Connector moves to General Availability with advanced rate limit handling for Alerts and Detections data ingestion.
Maintenance cleanup removes unused optional user fields from ASIM test configuration with no impact on parser or detection functionality.
ZoomReports solution migrates from Azure Function to CCF architecture, providing streamlined OAuth-based ingestion for six report types covering usage, telephony, and audit activities.
New Microsoft Sentinel solution introduces CCF connector for OpenAI audit logs and chat completions, enabling AI governance and threat detection.
AWS EKS solution packaging error fixed — deployments were failing due to malformed ARM template.
Resolves complete ingestion stall caused by oversized CSV fields and null character parsing errors.
Microsoft Sentinel Logstash plugin v1.2.1 adds configurable retry delay parameter to mitigate data loss during throttling scenarios.
Zero Networks parser update adds 182 new audit types plus dual CCF connectors for comprehensive microsegmentation telemetry.
New XBOW solution provides asset inventory, vulnerability finding correlation, and automated security assessment visibility through Function App ingestion and four analytic rules.
Cyren threat intelligence connectors now support conditional deployment — customers can install either IP reputation or malware URL feeds individually based on their subscription.
TacitRed-CrowdStrike playbook updated to include required User-Agent header for CrowdStrike Technology Partner certification compliance.