SAP ETD alerts now surface user account names and email addresses for incident correlation, filling a critical entity mapping gap that prevented effective identity-based investigations. Read More →
New PowerShell script automates discovery of classic custom log tables and dependency impact assessment for the mandatory HTTP Data Collector API migration. Read More →
Two advanced data ingestion exercises added to training lab covering ADLS Gen2 federation and tier-based transformation routing. Read More →
All Dynatrace connectors migrated to DCR-based CCF architecture with dual-version parser support for seamless transitions. Read More →
Python connector security vulnerabilities patched with improved error handling and null check additions. Read More →
Updated publisher ID in Upwind solution metadata to comply with Content Hub deployment requirements. Read More →
Proofpoint POD connector updated to include sinceTime parameter configuration, addressing potential data collection gaps during initial ingestion windows. Read More →
Documentation updated for Logstash output plugin to reflect version 2.1.0 with Ruby-to-Java refactor, managed identity support, and closed-source transition. Read More →
Recorded Future adds sandbox region configuration parameter and moves threat intelligence evidence details to comply with STIX standard structure. Read More →
Comprehensive update to the Sentinel Training Lab with improved detection entity correlation, new cost management capabilities, and standardized naming conventions. Read More →
ASIM Process Event parser parameter names corrected to match documentation, fixing filtering logic discrepancies that could affect query performance and parser interoperability. Read More →
Censys solution adds playbook and workbook for automated infrastructure pivoting and pivot analysis visualization using the Pivot Analysis API. Read More →
Fixed broken URL threat intelligence detection and expanded workbook coverage for new Entra traffic type. Read More →
New Python-based data collector extracts custom QRadar detection rules and building blocks for migration-ready analysis and conversion to Microsoft Sentinel. Read More →
Removes unsupported secureData configuration preventing Blacklens ASM connector deployments from completing successfully. Read More →
SAP agentless solution updated to version 1.1.10 with security and usability improvements, plus official release status designation. Read More →
New SAP playbook enables automated user blocking via Teams adaptive cards with enhanced support for complex multi-alert incidents from Microsoft Defender XDR. Read More →
D3 Smart SOAR solution now includes an Analytic Rule to automatically detect and escalate High or Critical severity incidents from SOAR platform data. Read More →
Cisco ISE Administrator authentication parser fixes swap incorrect SrcIpAddr and TargetIpAddr mappings that broke network forensics queries. Read More →
Critical fixes to VMware vCenter authentication parser resolve incorrect field mappings that broke queries referencing User and DvcId fields. Read More →