UEBA Essentials: Enhanced Multi-Cloud Detection with 6 New AWS, GCP & Okta Hunting Queries

Major update adds comprehensive multi-cloud anomaly detection capabilities across AWS, GCP, and Okta platforms with 6 new hunting queries.

AWS S3 Connector: Python 3.11 Runtime Migration

AWS S3 Function App connector updated to the Python 3.11 runtime following the deprecation of Python 3.9.

Vectra XDR: Log Ingestion API Migration and Enhanced API v3.4 Support with New Playbook Capabilities

Vectra XDR solution updated to API v3.4 with Log Ingestion API support and three new playbooks for PCAP download and detection management.

Business Email Compromise: Fixed Alert Display Variable Reference

Corrected the alert display format to use the correct variable name CountOfDocs instead of the non-existent number_of_files_accessed.

New Pathlock Threat Detection and Response Solution: SAP Security Integration for Microsoft Sentinel

Push-based connector integrating Pathlock TDnR SAP security monitoring with Microsoft Sentinel for enhanced SAP application security visibility.

Salesforce Service Cloud: Critical Detection Rule Fixes for TimestampDerived Field

Essential bug fixes for Salesforce Service Cloud detection rules, resolving datetime conversion issues that prevented rule creation.

CrowdStrike Falcon: Enhanced Threat Intelligence Connector with Improved Error Handling

Updated CrowdStrike Falcon Adversary Intelligence connector with better configuration validation, error handling, and code quality improvements.

VMRay Connector: Fixed Premium ARM Template Security Configuration

ARM template deployment fix adds mandatory TLS 1.2 enforcement and corrects the resource configuration for the VMRay Function App connector.

VMware ESXi SSH Brute Force Detection Plus Multi-Solution Updates

New VMware ESXi detection for multiple failed SSH login attempts, plus comprehensive solution updates across 15+ vendor solutions.

Threat Intelligence Detection: Critical Timing Fix for Cloud App Email Indicators

TI analytic rule query periods reduced from 10 days to 1 hour to prevent false negatives caused by timing mismatches.

Cisco Meraki Connector: Data Types Table Name Corrected for Query Consistency

Cisco Meraki connector fix corrects an incorrect table name reference in the UI data types so that it matches the actual KQL queries.

SailPoint IdentityNow: Function App Deployment Package Structure Fix

Critical deployment fix for the SailPoint IdentityNow Function App, correcting the ZIP file structure for proper Azure Function discovery and Python package dependencies.

CyberArk Audit Security Update: CVE-2024-47081 Fix Plus Multi-Solution Maintenance

Critical security update for the CyberArk Audit requests library addressing a credential leak vulnerability, plus comprehensive updates across 8 solutions.

Corelight: New Anomaly and First-Seen Event Parsers for Advanced Threat Detection

Corelight solution gains two new parsers for machine learning-based anomaly detection and first-seen event tracking.

Feedly Threat Intelligence: Function App Package Fix for Python Dependencies

Critical deployment fix for the Feedly Azure Function App, which requires a proper Python package structure.

Lumen Threat Feed Solution: Enhanced Delta Sync and Performance Improvements

Lumen Defender Threat Feed updated to v3.1.0 with migrated delta sync polling logic and improved workbook functionality.

OneTrust Data Security Platform Connector: New Privacy and Risk Management Visibility

New CCF-based connector for OneTrust enables monitoring of privacy compliance, data governance, and risk management activities in Sentinel workspaces.

Critical Security Fix: Requests Library Updated to 2.32.4 Across Multiple Connectors

Updated the requests library to 2.32.4 in the Auth0, Alibaba Cloud, and CrowdStrike connectors to address potential security vulnerabilities.

Microsoft Entra ID Assets: Fixing Product Name Typo in Data Connector

Fixed a typo in the Microsoft Entra ID Assets connector title and updated the description to use correct Microsoft Sentinel branding.

CyberArk Audit: Enhanced Detection Rules with Custom Data Field Analysis

CyberArk Audit solution updated with improved analytics rules leveraging custom data fields for better privileged access monitoring.