Miro Solution: New Enterprise Collaboration Security and Compliance Monitoring

New Miro solution added with CCF connectors for audit logs and content logs to enable collaboration platform security monitoring.

Microsoft Entra ID: New Conditional Access Security Insights and Monitoring Workbook

New Conditional Access SISM workbook added to provide comprehensive CA policy monitoring and Zero Trust analytics.

SAP BTP Tools: Improved Connection Management and Subaccount Naming

SAP BTP connector tools updated with better subaccount handling, connection naming, and performance optimisations.

WithSecure Elements Connector: Critical Security Fix for HTTP Decompression Vulnerabilities

WithSecure Elements connector urllib3 dependency updated to address two high-severity CVEs causing potential DoS attacks.

Box Connector: Critical Security Fix for HTTP Decompression Vulnerabilities

Box connector urllib3 dependency updated to address two high-severity CVEs causing potential DoS attacks.

Infoblox NIOS Parsers: Enhanced Log Filtering Reduces Noise in DHCP Monitoring

Updated Infoblox NIOS parsers exclude additional administrative log categories to improve signal-to-noise ratio.

Intel471: Added Verity471 Platform Support for Enhanced Malware Intelligence

Intel471 solution now supports the new Verity471 backend alongside Titan for ingesting malware threat indicators.

New Cyble Vision Threat Intelligence Solution: Comprehensive CCF-Based Alert Platform

Massive new Cyble Vision solution providing 40+ specialized detection rules and parsers for diverse threat intelligence feeds from dark web to cloud security.

GCP IAM Detection Logic Fixed — Correcting Service Account Key Detection Gaps

Two GCP IAM analytic rules had syntax errors preventing proper detection of token generation and key enumeration attacks.

SOX IT Compliance Solution Released: IT Change Monitoring for Financial Controls

New compliance monitoring solution provides IT systems change tracking and segregation of duties controls for Sarbanes-Oxley compliance programs.

Trend Micro Vision One — urllib3 Security Update Fixes Critical DoS Vulnerabilities

Dependency update from urllib3 1.26.20 to 2.6.0 addresses two high-severity CVEs, preventing DoS attacks via decompression bombs and content encoding chains.

ESET Protect Platform Connector: urllib3 Security Update for CVE Fixes

Updated urllib3 dependency to v2.6.0 to address two high-severity CVEs affecting HTTP decompression handling.

Microsoft Copilot Connector — Critical Table Name Update from LLMActivity to CopilotActivity

Microsoft Copilot connector fixes critical table reference issue, standardizing on official CopilotActivity table name across all components.

Ermes Browser Security Connector — Enhanced Data Fidelity and Multi-Tenant Support

CCF connector update fixes timestamp extraction, adds configurable API endpoints, and expands log data collection for better event visibility.

Microsoft Entra ID Playbooks: API Permission Updates for Session Revocation

Updates Revoke-AADSignInSessions playbook documentation to use correct User.RevokeSessions.All permissions instead of broader User.ReadWrite.All.

Contrast ADR Detection: Fixed Field Reference Causing Query Failures

Corrected field name from incident_id_s to incidentId_s in Contrast ADR detection rule.

Lookout Mobile Security: Parser Fixes and Executive Dashboard Enhancement

Lookout solution updated to v3.0.1 with parser fixes, comprehensive security dashboards, and enhanced analytic rules.

Slack Audit Parser: Fixed Broken Field References Causing Data Loss

Corrected field name parsing errors in SlackAuditV2_CL that were causing channel sharing status and IP context data to return null.

ProofPoint TAP Detection Rules Updated for v2 Connector Migration

Two ProofPoint TAP Analytic Rules updated to reference ProofpointTAPv2 connector ID, ensuring compatibility with the newer connector version.

Fortigate ASIM Parser: Field Name Consistency Fix for Network Session Schema

Field name inconsistencies in Fortigate ASIM parsers corrected to ensure proper schema compliance and data normalization.