Feedly Threat Intelligence: Migration from Azure Functions to Native CCF Connector

Modernizes Feedly threat intelligence ingestion by removing Azure Function dependencies and migrating to native Sentinel CCF polling for IoC feeds.

CyeraDSPM Connector: Eliminates Legacy Azure Functions Deployment Path

Removes deprecated Azure Functions connector from CyeraDSPM solution, streamlining to single CCF-based ingestion to prevent marketplace deployment failures.

ASIM Asset Entity Schema: New Schema Foundation for Asset Management

Introduces complete ASIM Asset Entity schema with parsers, empty templates, and CI integration to enable asset-centric security monitoring.

CrowdStrike API Connector: Critical Fix Restores Full Alert and Detection Data Ingestion

CrowdStrike API connector fix implements nested API calls to retrieve complete alert/detection details after prior version only captured alert IDs.

AMA Version Tracking: New Function for Azure Monitor Agent Deployment Management

New KQL function enables SOC teams to audit Azure Monitor Agent versions across their Sentinel deployment for maintenance and security compliance tracking.

AI Agents Hunting Query: Schema Field Case Correction Enables Query Execution

Fixed IdentityInfo field reference from AccountUPN to AccountUpn to resolve KQL validation failure and restore query functionality.

Dataminr Pulse Connector: Extension Bundle Updated to Prevent Deployment Failures

Function App extension bundle upgraded from deprecated v3 to v4 to restore connector deployment capability.

TacitRed CrowdStrike Playbook: Authentication Fix for Multi-Region API Endpoints

Fixed hardcoded CrowdStrike API URL default causing authentication failures for customers in US-1 and EU-1 regions.

TacitRed SentinelOne Playbook: Critical API Fix Restores IOC Automation After HTTP 500 Failures

Fixed broken TacitRed playbook that was failing with HTTP 500 errors when posting IOCs to SentinelOne due to missing account scope parameter.

TheHive Incident Response: New CCF Connector for SOAR Platform Integration

Microsoft Sentinel gains native ingestion from TheHive security incident response platform via CCF connector, enabling case management visibility and response workflow correlation.

Cyera DSPM Connector: Critical DCR Transform Fix Restores Asset Visibility After KQL Function Errors

Cyera DSPM connector v3.0.4 fixes DCR transformation failures that prevented data ingestion, restoring visibility into cloud asset security posture and compliance.

CTM360 HackerView: Connector Ingestion Restored After Complete Deployment Failure

CTM360 HackerView Function App connector was completely broken due to backup flag logic errors, preventing all threat intelligence ingestion until this fix.

WithSecure Elements Connector: Python Runtime Upgrade to 3.12

WithSecure Elements Function App connector upgraded from Python 3.10 to 3.12 to align with updated function code.

Microsoft Sentinel SOAR Playbook: Enhanced User Entity Resolution Prevents Silent Failures

Incident-Trigger-Entity-Analyzer playbook upgraded with intelligent user identifier detection, resolving silent failures when entities lack AadUserId.

Rapid7 InsightVM: New CCF Connector Expands Vulnerability Management Data Ingestion Options

Rapid7InsightVM solution adds CCF-based data connector for cloud-native ingestion alongside legacy Function App connector, enhancing deployment flexibility for vulnerability management visibility.

Versasec CMS: Microsoft API Version Update for SavedSearches

Microsoft updated the SavedSearches API version in the Versasec CMS solution packaging.

Solution Analyzer v9.0: Enhanced Table Schema Discovery and Documentation Source Prioritization

Major enhancement adds comprehensive table schema extraction from DCR configs and Azure Monitor docs, plus improved discovery source hierarchy for better data source visibility.

Open Systems Connector: Enhanced Kafka Consumer Thread Configuration for Scalability

ARM template gains configurable consumer threads for each log type to address Logstash performance bottlenecks in high-volume deployments.

CyberArk Audit: New CCF Connector Alternative Replaces Function App Dependency

CyberArk adds CCF-based connector to eliminate Azure Functions dependency for audit data ingestion.

New Trellix Endpoint Security: CCF Connector Unlocks ePO Threat Visibility in Sentinel

New solution delivers Trellix ePO endpoint security events via CCF with OAuth2 authentication and comprehensive threat intelligence data.