ASIM Schema Tester: Fixing Critical Validation Gap for Common Fields
Critical fix restores validation of Common schema fields alongside schema-specific fields in ASIM parser testing. Read More →
Critical fix restores validation of Common schema fields alongside schema-specific fields in ASIM parser testing. Read More →
Complete StealthTalk Enterprise solution delivers four analytic rules targeting credential attacks (T1078, T1110, T1098) plus ASIM Authentication parsers and Teams integration. Read More →
ASIM parser for Bitdefender GravityZone was failing due to missing type cast, preventing ingestion of network sandboxing alerts. Read More →
ASIM WebSession parser for Salesforce Service Cloud normalizes API and web session logs into standardized schema, enabling unified monitoring across SaaS platforms. Read More →
Removes vendor/product enumerations from ASimTester configuration to reduce maintenance overhead. Read More →
Removes duplicate CustomFunction test shim causing KQL validation failures after parser merge. Read More →
Tools fixes enable proper SAP solution marketplace tracking and make the SAPCC agentless connector visible to the Microsoft Sentinel Solutions Analyzer. Read More →
Check Point firewall ASIM parser updated to handle both “Check Point” and “CheckPoint” DeviceVendor field values, fixing parsing failures introduced in PR #12056. Read More →
ASIM Authentication parsers for Palo Alto PAN-OS and GlobalProtect now correctly populate DvcIpAddr field, fixing data fidelity gap. Read More →
GitHub Copilot agent skills now automate the complete ASIM parser creation workflow, reducing parser development time from days to hours for security engineers. Read More →
Complete Microsoft Sentinel solution integrating Bitdefender GravityZone multi-vector threat detection with DCR-based ingestion and XDR correlation. Read More →
New parsers enable normalization of Bitdefender GravityZone alert data into Microsoft Sentinel ASIM schema for unified threat detection. Read More →
New hunting query detects kernel-level rootkits bypassing EDR network telemetry by comparing perimeter firewall logs against Microsoft Defender for Endpoint data streams. Read More →
ASIM AssetEntity schema upgraded to v1.0.0 with three new fields for enhanced entity correlation and snapshot tracking. Read More →
OpenAI chat completions data now ingests to ASimAgentEventLogs standard table, enabling standardized AI usage monitoring and cross-product correlation. Read More →
New ASIM parser normalizes VMware ESXi authentication events to enable centralized logon monitoring for hypervisor infrastructure. Read More →
New ASIM parser enables normalized threat detection from Cisco Secure Endpoint via CCF ingestion to CiscoSecureEndpointEventsV2_CL table. Read More →
Five NXLog partner solutions removed from Content Hub, eliminating data connector support for BSM macOS, FIM, Linux Audit, AIX Audit, and DNS monitoring across Unix/Linux environments. Read More →
Missing TargetUserSessionId field in Microsoft 365 Defender ASIM ProcessEvent parsers has been restored, fixing queries that previously returned null for this session correlation field. Read More →
Fixed critical data type mismatch in VMware vCenter authentication parser that caused DvcId field queries to fail. Read More →