Sentinel CCF Packaging Tool: Adding JWT Token Authentication Support

CCF packaging tooling now supports JWT token authentication alongside existing methods for connector development.

AWS and VMware ESXi: Three New Analytic Rules for Execution, Exfiltration, and Lateral Movement

Three new Analytic Rules added across AWS CloudTrail and VMware ESXi — detecting EC2 startup script tampering (T1059), anonymous S3 object exfiltration (T1530), and SSH enablement on ESXi hosts (T1021).

GDPR Compliance Dashboard: New Workbook for Privacy Risk Monitoring

New GDPR Compliance solution adds workbook consolidating privacy risk signals from Defender XDR, Microsoft Purview, Azure SQL, and Entra ID.

New Cloudflare CCF Solution: Enterprise Log Visibility via Azure Blob Integration

New Cloudflare connector solution delivers comprehensive log ingestion through CCF blob integration for enhanced web traffic and security monitoring.

Multiple Solutions Added: Palo Alto aiohttp Update Plus New Obsidian and SAP S4 Connectors

Palo Alto Prisma Cloud dependency security update alongside new Obsidian Datasharing and SAP S4 Cloud Public Edition connector solutions.

Palo Alto Cortex Xpanse CCF Connector: GA Promotion Removes Preview Status

Palo Alto Cortex Xpanse CCF connector promoted from Preview to General Availability with version 3.0.1.

VirtualMetric DataStream: Solution ID Correction for Marketplace Deployment

Corrected solution identifier in VirtualMetric DataStream package to resolve Azure Marketplace deployment failures.

Team Cymru Scout: Playbook Bug Fix for Incident Enrichment Template

Fixed template error in TeamCymruScoutEnrichIncident playbook that was causing runtime failures.

SAP S/4HANA Cloud Public Edition: New CCF Connector for Security Audit Logs

New SAP S/4HANA Cloud Public Edition CCF connector enables ingestion of security audit logs into Microsoft Sentinel SAP solution.

Obsidian Datasharing: New Security Data Aggregation Solution

New connector solution for ingesting Obsidian platform security data into Microsoft Sentinel.

Multiple Solution Updates: GKE GA Promotion and SAP ETD Investigation Capability

Google Kubernetes Engine connector promoted to GA while SAP ETD Cloud gains investigation data ingestion and enhanced detection coverage.

Threat Intelligence: TAXII Export Connector Added for External Sharing

New TAXII Export connector enables Microsoft Sentinel to share threat intelligence indicators with external TAXII 2.1 servers.

AWS S3 Server Access Logs Connector: GA Promotion Removes Preview Status

AWS S3 Server Access Logs connector promoted from Preview to General Availability with version 3.0.1.

Cloudflare Connector: Security Dependency Update for aiohttp Library

aiohttp library updated from 3.10.11 to 3.12.14 in Cloudflare connector addressing potential security vulnerabilities.

SAP ETD Cloud: Investigations Data Source Added for Enhanced Threat Tracking

SAP Enterprise Threat Detection solution expands with new Investigations connector, providing comprehensive investigation tracking and correlation capabilities.

Illumio Insight Connectors: Enhanced Documentation and Polling Configuration

Documentation improvements and polling frequency adjustment enhance user experience for Illumio threat analysis deployment.

Samsung Knox Asset Intelligence: DCR Schema Reduction and Rule Removal

Knox connector DCR updated to remove 13 event types, with corresponding analytic rule deleted due to missing data source.

VirtualMetric DataStream Solution: New Multi-Path Data Ingestion Platform for Sentinel

New VirtualMetric DataStream solution provides comprehensive data ingestion capabilities with ASIM support and multiple deployment options for Sentinel and data lake environments.

Cisco Duo Security: Support Information and Metadata Updates

Solution package updated with revised support information and compatibility metadata.

Network Session Anomaly Detection: Simplified EPS Threshold Logic

Two network session analytic rules updated with unified EPS threshold and simplified query logic for improved maintainability.