Joe Sandbox Solution: ARM Template Fixes and IOC Handling Improvements
Joe Sandbox solution updated to v3.0.1 with Azure template fixes, updated storage API versions, and improved IOC processing in playbooks.
Abnormal Security CCF connector v3.0.1 fixes table column naming to match Microsoft Log Analytics output, restoring access to previously missing metadata fields.
Critical configuration fix resolves parameter name mismatch that prevented Azure DevOps audit log ingestion entirely.
CrowdStrike’s Function App-based data replicator was incorrectly deprecated and has been restored to active status to maintain government deployment support.
Upwind connector Function App deployment was failing due to incorrect zip structure and ARM template configuration - fixed with flat zip layout and implicit hosting plan.
Fixed Function App deployment packaging errors and improved security by converting ARM template secrets to secure strings.
Fixed DCR transformKql failures for Type field and invalid data types that were preventing Cloudflare log ingestion.
Analytic rule renamed from Cloud PC-specific to cover all Entra-authenticated Windows devices, clarifying detection scope without logic changes.
Version bump to 2.1.1 with efficiency improvements noted but no connector logic changes.
Logic App Playbook introduced to poll Vaikora AI agent signals and push high-risk actions as Custom IOCs to CrowdStrike Falcon for automated threat prevention.
Updates polling interval from 2-day to 1-day window with 1-day delay to eliminate duplicate Zoom cloud recording logs.
Replaces deprecated concat with uri function in ARM template to meet Azure certification requirements.
Qualys Knowledge Base connector moves from Preview to General Availability, providing production-grade vulnerability intelligence ingestion with enhanced monitoring capabilities.
Data443 introduces Vaikora AI agent behavioral signal integration with SentinelOne threat intelligence via a 6-hour polling playbook.
New solution provides real-time IP enrichment to detect VPN, residential proxy, and bot automation traffic in incidents and alerts.
Qualys VM connector upgraded from API v3.0 to v5.0 to prevent June deprecation cutoff impacting vulnerability data ingestion.
ZoomReports CCF connector transitions to GA with parser supporting dual-table ingestion and expanded field coverage.
Lab deployment script now retries on any table syntax errors, not just OktaV2_CL — prevents silent deployment failures.
Critical Okta detection was broken after connector migration — now uses OktaSSO parser to restore session impersonation monitoring.
Seraphic Web Security solution upgraded to v3.0.0 schema with polling v3.0, health checks, and corrected connectivity criteria.