Microsoft Teams Security: 9 Additional Hunting Queries for Advanced Threat Detection

Extended Teams protection hunting coverage with queries for partner impersonation, admin submissions, and external sender analysis.

Open Systems Connector: aiohttp Security Update 3.10.11→3.12.14 Plus Multi-Solution Changes

Open Systems connector updated aiohttp dependency addressing potential security vulnerabilities, bundled with extensive solution packaging updates.

Threat Intelligence: Critical Logic Fix Stops False Alerts on Revoked Indicators

Broken condition in CloudAppEvents threat intelligence detection fixed to prevent firing on revoked/deleted indicators.

QualysVM Connector: API Rate Limiting and Configurable Truncation Protection

QualysVM connector enhanced with 1 QPS rate limiting and configurable truncation limits to prevent API abuse.

Check Point Cyberint Alerts: DCR Transform Fix and Customer Name Header Addition

Check Point Cyberint Alerts connector v3.0.1 fixes DCR formatting and adds customer name header for proper API authentication.

Threat Intelligence: AppService HTTP Logs Detection Restored After Missing Column Fix

Critical fix for broken IP entity detection rule that was missing AlertPriority column causing template failures.

Microsoft Teams Security: 7 New Hunting Queries for URL Threat Detection

New hunting queries added to detect malicious URL clicks, ZAP events, and user submissions in Microsoft Teams.

Cyera DSPM Solution: New Data Security Posture Management Integration

New solution added for Cyera DSPM providing data security monitoring with both CCF and Function App connectors.

Varonis Purview: New Push Connector for Microsoft Purview Data Governance Integration

New solution providing push connector to sync Varonis data resources into Microsoft Purview via Sentinel data lake.

Open Systems Solution: New Multi-Product Security Platform with ASIM Parsers

New Open Systems solution enables ingestion from multiple security products via Logstash with ASIM parsers for authentication, firewall, and proxy logs.

Zscaler ZIA ASIM Parser: Device Model Field Parsing Fix Restores Visibility

ASIM WebSession parser for Zscaler ZIA corrected devicemodel parsing logic that was preventing proper device categorization.

WithSecure Elements Connector: Critical requests Security Update

requests library upgraded to 2.32.4 patching CVE-2024-47081 netrc credential leak vulnerability.

ESET Protect Platform Connector: Critical urllib3 Security Update

urllib3 dependency upgraded to 2.5.0 patching two CVE redirect control vulnerabilities (CVE-2025-50181, CVE-2025-50182).

Squadra Technologies SecRMM: Compliance Update Adds Required Detection Rule

SecRMM solution updated to v3.0.0 with mandatory analytic rule for removable storage monitoring to meet Microsoft Sentinel compliance requirements.

AWS S3 Connector: Python Runtime Upgrade and Boto3 Compatibility Fix

Function App connector updated to Python 3.11 with boto3 fix for missing CommonPrefixes handling.

SAP BTP Connector: Critical Pagination Fix Restores Missing Security Events

CCF connector pagination bug fixed - deployments were missing audit events due to failed token parsing.

GCP Security Command Center: New Detection Suite for Cloud Misconfigurations

New Solution delivers 5 Analytic Rules and 5 Hunting Queries to detect GCP security misconfigurations including unrestricted API keys, disabled security features, and risky IAM configurations.

Rubrik Security Cloud: API Hostname Configuration Update for Customer Deployments

Rubrik Security Cloud solution updated to v3.5.1 with corrected API hostname defaults across all playbooks and custom connector.

Mimecast Connectors: Migration to Log Ingestion API Eliminates Legacy Workspace Key Dependency

Mimecast Function App connectors migrated from legacy Log Analytics ingestion to Azure Monitor Log Ingestion API, requiring DCR reconfiguration.

AWS CloudWatch Connectors: Critical Python 3.13 Compatibility Fix

Removed problematic CSV handling causing Lambda function failures on Python 3.13 runtime in CloudWatch connectors.