Salesforce Service Cloud Connector: Enhanced Event Coverage and OAuth2 Support

Salesforce connector v3.1.0 adds comprehensive Event Log File coverage and OAuth2 username-password authentication for improved deployment flexibility.

GitHub Webhook V2 Connector: CLv2 Migration Ensures Continued GitHub Advanced Security Ingestion

New CLv2-based GitHub Webhook connector replaces deprecated CLv1 API to maintain ingestion of code scanning, Dependabot, and secret scanning alerts.

Bitdefender GravityZone: New Push-Based Security Data Connector for Sentinel

New GravityZone solution brings enterprise endpoint threat data directly to Sentinel via DCR-based push ingestion without bundled detections.

Lookout Connector: Critical ARM Template Fix Restores Mobile Threat Data Ingestion

Fixed bracket escaping bug in ARM template that caused complete Lookout connector deployment failure.

Vaikora Solution: New AI Agent Governance Connector for Microsoft Sentinel

New CCF connector ingests Vaikora AI agent behavioral signals with 3 detection rules for policy violations, anomalies, and high-risk actions.

ASIM Agent Event Schema: New Normalization Framework for Security Agent Monitoring

Microsoft Sentinel gains ASIM Agent Event schema for normalizing security agent events across all vendor platforms.

AWS ELB Solution Moves to General Availability

AWS Elastic Load Balancer solution transitions from Public Preview to GA status, confirming production readiness for ALB/NLB access log monitoring.

Lookout Solution: Version 3.0.3 Certification Resubmission

Version bump from 3.0.2 to 3.0.3 for certification resubmission with ARM template parameter fix.

Valimail Enforce Solution: New Email Authentication Monitoring for DMARC/SPF/DKIM Configuration Changes

Complete Valimail Enforce monitoring solution delivers real-time detection of email authentication policy weakening and suspicious admin activity affecting domain security posture.

Halcyon Anti-Ransomware: Connector Overhaul from ASIM to OCSF Schema Architecture

Halcyon connector migrated from direct ASIM ingestion to OCSF schema with ASIM transformation parsers, replacing 5 custom tables with unified HalcyonEvents_CL table.

SOCRadar XTI Platform: New Extended Threat Intelligence Solution Launches with Bidirectional Sync

SOCRadar XTI Platform solution now available in Content Hub with automated alarm import, incident sync, and comprehensive threat intelligence monitoring capabilities.

Microsoft 365 Defender Process Parsers: Enhanced File Metadata Visibility

ASIM Process Event parsers for Microsoft 365 Defender now extract file version metadata, improving process attribution and hunt query precision.

Microsoft Sentinel Training Lab: Authentication Simplified to UAMI-Only

Training lab removes dual-auth complexity, standardizing on User-Assigned Managed Identity for Microsoft Defender XDR custom detection rule deployment.

BitSight Solution: Packaging Fix Resolves Content Hub Republishing Failure

BitSight solution package updated to v3.1.1 fixing a solution ID issue that prevented proper republishing to Microsoft Sentinel Content Hub.

Cyjax Threat Intelligence Platform: Complete Solution for IOC Ingestion and Investigation

New comprehensive Microsoft Sentinel integration adds automated IOC collection, incident enrichment, and interactive threat intelligence dashboards for the Cyjax platform.

Lookout Connector: ARM Template Fix Prevents Deployment Location Errors

Fixed workspace-location defaultValue in Lookout solution ARM template to prevent deployment failures when location parameter is unset.

Visa Threat Intelligence: Package Publishing Fix for Content Hub Deployment

Resolved package publishing failure by adding missing connector information to UI definition file.

ExtraHop RevealX Connector: Function App Package Reverted to Address Customer Issues

ExtraHop connector reverted to previous function app package to resolve customer-facing deployment issues affecting data ingestion.

AWS CloudTrail Connector: Function App Crash Fix for Unsupported File Types

Fixes potential Python exception in CloudTrail ingestion function when encountering unsupported file formats, preventing data ingestion failure.

Recorded Future Identity: Prepares for Microsoft Defender Portal Migration by Deprecating Legacy Incident Creation

Recorded Future Identity solution deprecates Logic Apps-based incident creation and introduces Analytic Rules for Microsoft Defender Portal compatibility.