Security Cleanup: Removing Vulnerable Legacy O365 Teams and RDAP Tools

Deleted legacy O365 DataCSharp Teams connector and RDAPQuery tool due to vulnerable .NET dependencies and security risks.

New Solutions Analyzer Tool: Automated Connector-to-Table Mapping for Security Operations

Released Solutions Analyzer tool for automated discovery and mapping of connector-to-table relationships across Sentinel solutions with CSV reporting.

Authomize Connector: Critical requests Library CVE-2024-47081 Security Fix

Authomize connector dependency updated to address credential leakage vulnerability in requests library.

Cisco Umbrella: Enhanced Data Fidelity with Log Format v13-v14 Support

Added support for Cisco Secure log formats v13-v14, exposing AI model tracking and event correlation fields for improved threat context.

Microsoft Defender XDR Workbook Version 3: Enhanced Visualizations and Insights

Updated Microsoft Defender for Office 365 workbook to version 3 with new visuals and improved insights based on user feedback.

ZeroFox Connector: Fixing Stream Naming Inconsistency Breaking Alert Ingestion

Stream name mismatch between DCR and connector config prevented ZeroFox threat alerts from reaching Sentinel workspaces.

Open Systems Solution: Logo Update and Contact Email Correction

Marketplace certification fixes for Open Systems solution — updated SVG logo path and corrected contact email address for Azure Marketplace deployment.

Fortinet FortiNDR Cloud: Security Update Addresses Python Requests CVE-2024-47081

Critical security update patches CVE-2024-47081 netrc credential leak vulnerability in Python requests library.

ContrastADR Solution: Parser Logic Enhancement and Workbook Fixes

ContrastADR parsers updated with column_ifexists logic for improved error handling and workbook template fixes.

Microsoft 365 Defender ASIM: Fixed Field Compatibility Issue in Authentication Parsers

M365 Defender authentication parsers updated to handle optional _ItemId field, resolving parser failures in some client environments.

GitHub Enterprise Connector: Improved API URL Configuration Guidance

Enhanced connector definition for GitHub Enterprise audit logs with clearer API URL field labels and format examples to reduce customer configuration errors.

Palo Alto Prisma Cloud Connector: Policy Data Restored with Missing "detailed" API Flag

Critical data fidelity fix for Palo Alto Prisma Cloud CCF connector — added missing "detailed" flag to API queries, restoring previously excluded policy field data.

UEBA Essentials: Five New Hunting Queries for Advanced Anomaly Analysis and Threat Triage

UEBA Essentials v4.1.0 adds five targeted hunting queries for high-score anomaly triage, trend analysis, template distribution, user-centric investigation, and malicious source IP identification.

Snowflake Connector: Data Parsing Logic Restored After SQL Query Malformation

Critical fix to Snowflake connector data parsing logic, switching from array-based extraction to proper JSON field extraction, restoring visibility across all log types.

SAP BTP Connector: Mass Onboarding Tools for Multi-Subaccount Deployment

PowerShell automation tools added for scalable SAP BTP subaccount onboarding to Microsoft Sentinel, enabling SOC teams to efficiently connect dozens of BTP subaccounts at once.

ZeroNetworks Solution Connector Deprecation: Function App Integration Removed

ZeroNetworks solution updated to version 4.0.0, removing deprecated Function App connector per Microsoft guidance.

NCSC-NL Threat Intelligence Sharing: Playbook Bug Fixes and JSON Structure Improvements

Dutch National Detection Network threat intelligence sharing solution updated to v3.0.1 with playbook parameter fixes and improved JSON structure.

New Quokka Qscout Mobile App Security Solution: Mobile Threat Detection Visibility

CCF connector and detection rule for Quokka Qscout mobile app security analysis platform provides visibility into malicious mobile application findings.

Salesforce Service Cloud Connector: Column Name Bug Fix Plus Multi-Solution Updates

Fixed critical column name mapping bug in Salesforce Service Cloud CCF connector preventing proper data ingestion.

ZeroFox Enterprise: New CCF Connector Replaces Deprecated CCP Implementation

ZeroFox alert ingestion modernized with CCF-based connector, replacing deprecated CCP framework.