SAP Agentless Solution: Safe Extraction Limit Added for Data Processing

SAP agentless integration package updated with safe limit parameter for extraction operations, enhancing data processing control.

Azure Security Benchmark Workbook: Network Map Component Removed Due to Repository Deprecation

Network mapping visualization removed from Azure Security Benchmark workbook following upstream repository deprecation.

Microsoft Defender XDR: Attack Simulator Training Playbook for Phishing Non-Reporters

New playbook automatically educates users who failed to report phishing emails by triggering Attack Simulator training simulations.

CMMC 2.0 Workbook: Network Map Component Removed Due to Deprecation

Cybersecurity Maturity Model workbook updated to remove deprecated network mapping functionality.

Microsoft Copilot Solution: New AI Security Monitoring with LLM Activity Telemetry

New Microsoft Copilot solution added providing AI-powered assistant usage monitoring and security telemetry through LLMActivity table ingestion via DCR framework.

GitHub Enterprise Audit Logs Connector: Critical Setup Instructions Updated

Labeled P0 — GitHub CCF connector setup instructions fixed to clarify API token scope requirements.

Jamf Protect: Enhanced Parsing for New macOS Security Events and Process Audit Fields

Jamf Protect parsers updated to support TCC modifications, network connections, and pseudoterminal events plus enhanced process audit tokens.

Snowflake Connector: Critical Data Fidelity and Reliability Improvements

Snowflake CCF connector fixed to prevent duplicate data ingestion, improve pagination handling, and reduce connection failures.

Threat Intelligence Workbook: Query Logic Fix for Indicator Visualization

Workbook query issue resolved in Threat Intelligence solution — improves analyst dashboard reliability.

NordPass Solution: Data Breach Scanner Detection Rules and Enhanced Connector Logic

Two new analytic rules detect domain and user data breaches on the dark web, with enhanced ingestion logic for NordPass Data Breach Scanner integration.

Veeam Solution: New Backup Security Monitoring with Malware Detection and Compliance Analysis

New Veeam solution added providing comprehensive security monitoring for backup infrastructure with malware scanning, compliance analysis, and threat detection capabilities.

Onapsis Defend Connectors: Broken Documentation Links Removed

Fixed connector documentation by removing non-functional links to workspace key documentation.

Threat Intelligence Connectors: ThreatIntelObjects Data Source Visibility Added

All TI data connector templates now monitor the new ThreatIntelObjects table, expanding threat intelligence visibility beyond traditional indicators.

Data Connectors: CodeQL Alert Suppression for Legacy Components

Added suppression comments for CodeQL security alerts in deprecated connectors and backward compatibility modules.

Google Cloud Platform NAT Solution: Packaging Update

GCP NAT solution packaging updated to version 3.0.1 with minor metadata revisions.

GCP Connectors Promoted to General Availability: Cloud Run, NAT, and Resource Manager

Three Google Cloud Platform CCF connectors graduate from Preview to GA status, indicating production readiness for enterprise deployment.

Threat Analysis & Response Workbook: Enhanced Visualizations and UI Improvements

Workbook update adds graphical views to complement table displays and fixes missing data source statistics headers.

Threat Intelligence DNS Detection: Alert Description Field Mapping Fix Enables Threat Context

Threat Intelligence imDns_IPEntity_DnsEvents rule updated to fix alert description field mapping from non-existent Type to ThreatType, restoring threat classification in DNS alerts.

Azure Firewall Detection: Critical Time Range Fix Prevents Overlapping Alerts and Query Failures

Azure Firewall Abnormal Port to Protocol rule updated to fix brittle time range handling that caused duplicate alerts and failed detection when runtime was modified.

Microsoft Entra ID Conditional Access Rules: Incident Configuration Fix Resolves Rule Creation Failures

Microsoft Entra ID Conditional Access detection rules updated to fix the lookbackDuration format that prevented rule deployment in Microsoft Sentinel workspaces.