AWS on sentinelchangelog.net

AWS on sentinelchangelog.nethttp://sentinelchangelog.net/tags/aws/Recent content in AWS on sentinelchangelog.netHugo -- 0.157.0enThu, 28 May 2026 12:40:08 +0000AWS Security Hub Compliance Workbook: Comprehensive Security Posture Visualization Now Availablehttp://sentinelchangelog.net/posts/2026-05-28-pr-13870/Thu, 28 May 2026 12:40:08 +0000http://sentinelchangelog.net/posts/2026-05-28-pr-13870/New AWS Security Hub compliance workbook provides executive dashboards and operational analytics for security findings, compliance tracking, and multi-account posture management.AWS S3 and CrowdStrike Connectors: Non-Analytics Tier Query Support for Basic/Auxiliary Planshttp://sentinelchangelog.net/posts/2026-05-28-pr-14264/Thu, 28 May 2026 10:37:30 +0000http://sentinelchangelog.net/posts/2026-05-28-pr-14264/AWS S3 and CrowdStrike Falcon S3 Data Replicator connectors now support Usage table fallback queries for deployments using Basic/Auxiliary Log Analytics plans.AWS Content Quality Overhaul: Standardized Detection Rules and Improved Entity Mappingshttp://sentinelchangelog.net/posts/2026-05-18-pr-14101/Mon, 18 May 2026 07:30:57 +0000http://sentinelchangelog.net/posts/2026-05-18-pr-14101/Comprehensive quality improvements to 61 AWS Analytic Rules and 35 Hunting Queries with standardized naming conventions, normalized MITRE technique mappings, and updated entity field references from legacy AccountCustomEntity to UserIdentityUserName.AWS ELB Solution Moves to General Availabilityhttp://sentinelchangelog.net/posts/2026-04-24-pr-14127/Fri, 24 Apr 2026 08:42:53 +0000http://sentinelchangelog.net/posts/2026-04-24-pr-14127/AWS Elastic Load Balancer solution transitions from Public Preview to GA status, confirming production readiness for ALB/NLB access log monitoring.AWS CloudTrail Connector: Function App Crash Fix for Unsupported File Typeshttp://sentinelchangelog.net/posts/2026-04-21-pr-14104/Tue, 21 Apr 2026 11:12:13 +0000http://sentinelchangelog.net/posts/2026-04-21-pr-14104/Fixes potential Python exception in CloudTrail ingestion function when encountering unsupported file formats, preventing data ingestion failure.AWS S3 and CEF Connectors: Security Alert Remediation Fixes Error Handling Gapshttp://sentinelchangelog.net/posts/2026-04-20-pr-14088/Mon, 20 Apr 2026 09:51:55 +0000http://sentinelchangelog.net/posts/2026-04-20-pr-14088/Python connector security vulnerabilities patched with improved error handling and null check additions.Microsoft Sentinel Training Lab: Comprehensive Hands-On Security Operations Environment Now Availablehttp://sentinelchangelog.net/posts/2026-04-10-pr-13848/Fri, 10 Apr 2026 15:05:24 +0000http://sentinelchangelog.net/posts/2026-04-10-pr-13848/New deployment-ready training lab delivers 14 guided exercises with pre-recorded telemetry, detection rules, and automation workflows for practical Microsoft Sentinel skill development.AWS ELB Connector: Public Preview CCF Ingestion for ALB, NLB, and GLB Logshttp://sentinelchangelog.net/posts/2026-03-23-pr-13872/Mon, 23 Mar 2026 11:41:03 +0000http://sentinelchangelog.net/posts/2026-03-23-pr-13872/New CCF connector enables ingestion of AWS Elastic Load Balancer access and flow logs into Microsoft Sentinel for network traffic monitoring and threat detection.AWS EKS Connector: CloudFormation Template Revert Fixes Deployment Issueshttp://sentinelchangelog.net/posts/2026-03-12-pr-13812/Thu, 12 Mar 2026 21:03:03 +0000http://sentinelchangelog.net/posts/2026-03-12-pr-13812/AWS EKS connector CloudFormation templates reverted to resolve deployment errors affecting EKS audit log ingestion setup.AWS Network Firewall Connector: Fixed Critical Deployment Bug Causing Duplicate Collectorshttp://sentinelchangelog.net/posts/2026-03-11-pr-13589/Wed, 11 Mar 2026 21:39:27 +0000http://sentinelchangelog.net/posts/2026-03-11-pr-13589/Deployment bug fix prevents multiple collector creation for AWS Network Firewall multi-stream connectors.AWS EKS Connector: New Public Preview for Kubernetes Audit Log Security Monitoringhttp://sentinelchangelog.net/posts/2026-03-11-pr-13749/Wed, 11 Mar 2026 21:35:04 +0000http://sentinelchangelog.net/posts/2026-03-11-pr-13749/New CCF-based solution ingests Amazon Elastic Kubernetes Service audit logs via SQS for real-time cluster security monitoring.AWS Athena Function App: Resolving Extension Bundle Compatibility and Query Result Parsinghttp://sentinelchangelog.net/posts/2026-03-10-pr-13648/Tue, 10 Mar 2026 06:57:45 +0000http://sentinelchangelog.net/posts/2026-03-10-pr-13648/AWS Athena Function App connector updated to Azure Functions v4+ bundle and fixed Python query parsing logic that previously failed on empty result data.ASIM FileEvent Parser: New AWS CloudTrail S3 Support Addedhttp://sentinelchangelog.net/posts/2026-02-20-pr-13569/Fri, 20 Feb 2026 21:46:53 +0000http://sentinelchangelog.net/posts/2026-02-20-pr-13569/New FileEvent parser enables normalized S3 object activity monitoring from AWS CloudTrail logs across bucket operations and object lifecycle events.ASIM User Management: AWS CloudTrail Parser Enables IAM and Cognito Visibilityhttp://sentinelchangelog.net/posts/2026-02-12-pr-13503/Thu, 12 Feb 2026 17:56:32 +0000http://sentinelchangelog.net/posts/2026-02-12-pr-13503/New ASIM parser normalizes AWS CloudTrail user management events from IAM and Cognito services into Microsoft Sentinel.AWS Access Logs: Security Enhancement for SQS Principal Access Controlhttp://sentinelchangelog.net/posts/2025-12-30-pr-13365/Tue, 30 Dec 2025 07:59:46 +0000http://sentinelchangelog.net/posts/2025-12-30-pr-13365/AWS S3 Server Access Logs CloudFormation template receives critical security update restricting SQS queue principal from wildcard to S3 service only.AWS CloudTrail Connector: Fixed Script Logic and Command Syntax Errorshttp://sentinelchangelog.net/posts/2025-12-10-pr-13281/Wed, 10 Dec 2025 03:31:36 +0000http://sentinelchangelog.net/posts/2025-12-10-pr-13281/Corrected PowerShell variable scoping and AWS CLI command syntax in CloudTrail configuration script.AWS S3 Connector: Python Runtime Upgrade and Boto3 Compatibility Fixhttp://sentinelchangelog.net/posts/2025-11-14-pr-13129/Fri, 14 Nov 2025 09:29:58 +0000http://sentinelchangelog.net/posts/2025-11-14-pr-13129/Function App connector updated to Python 3.11 with boto3 fix for missing CommonPrefixes handling.AWS CloudWatch Connectors: Critical Python 3.13 Compatibility Fixhttp://sentinelchangelog.net/posts/2025-11-13-pr-13104/Thu, 13 Nov 2025 03:41:19 +0000http://sentinelchangelog.net/posts/2025-11-13-pr-13104/Removed problematic CSV handling causing Lambda function failures on Python 3.13 runtime in CloudWatch connectors.UEBA Essentials: Enhanced Multi-Cloud Detection with 6 New AWS, GCP & Okta Hunting Querieshttp://sentinelchangelog.net/posts/2025-11-12-pr-13065/Wed, 12 Nov 2025 11:17:58 +0000http://sentinelchangelog.net/posts/2025-11-12-pr-13065/Major update adds comprehensive multi-cloud anomaly detection capabilities across AWS, GCP, and Okta platforms with 6 new hunting queries.AWS S3 Connector: PowerShell Version Enforcement Prevents Configuration Failureshttp://sentinelchangelog.net/posts/2025-10-22-pr-12924/Wed, 22 Oct 2025 12:30:02 +0000http://sentinelchangelog.net/posts/2025-10-22-pr-12924/AWS S3 connector script now enforces PowerShell 7+ requirement to prevent customer deployment failures.AWS and VMware ESXi: Three New Analytic Rules for Execution, Exfiltration, and Lateral Movementhttp://sentinelchangelog.net/posts/2025-10-09-pr-12696/Thu, 09 Oct 2025 12:07:12 +0000http://sentinelchangelog.net/posts/2025-10-09-pr-12696/Three new Analytic Rules added across AWS CloudTrail and VMware ESXi — detecting EC2 startup script tampering (T1059), anonymous S3 object exfiltration (T1530), and SSH enablement on ESXi hosts (T1021).AWS S3 Server Access Logs Connector: GA Promotion Removes Preview Statushttp://sentinelchangelog.net/posts/2025-10-07-pr-12918/Tue, 07 Oct 2025 06:30:45 +0000http://sentinelchangelog.net/posts/2025-10-07-pr-12918/AWS S3 Server Access Logs connector promoted from Preview to General Availability with version 3.0.1.