Valimail Enforce Solution: Publisher Name Typo Corrected in Sentinel UI

Fixes misspelled publisher name from Valimmail to Valimail in the Data Connector configuration UI. Read More →

Vaikora Connector: Zero Data Ingestion Fixed After DCR Stream Mapping Failure

Critical fix restores Vaikora AI agent behavioral data after complete ingestion failure caused by DCR stream column mismatch. Read More →

SAP Solution: Analyzer Marketplace Visibility and Agentless Connector Discovery Fixed

Tools fixes enable proper SAP solution marketplace tracking and make the SAPCC agentless connector visible to the Microsoft Sentinel Solutions Analyzer. Read More →

Lookout Connector: Critical Data Loss Fix for Mobile Threat Event Identifiers

Lookout Mobile Risk API v2 connector was silently dropping unique event identifiers (oid field), breaking all downstream correlation in detections and workbooks. Read More →

BitSight Solution: Provider Information Updated to Partner Status

BitSight solution metadata updated to reflect partner provider status, transitioning from Microsoft internal to external partner support. Read More →

GitHub Audit Log Connector: Azure Storage Integration Addresses API Rate Limits

New Azure Storage-based GitHub Enterprise audit log connector overcomes CCF API rate limitations through Event Grid blob notifications. Read More →

Filewall for Microsoft 365: New Solution Adds Data Exfiltration Detection for Exchange and Files

Complete CCF-based solution delivers real-time monitoring of blocked emails and files across Microsoft 365 services with immediate threat alerting. Read More →

Microsoft Agent Identities Connector: New Entra Non-Human Identity Asset Visibility (Preview)

Agent 365 solution adds new Microsoft Agent Identities connector for tracking agent blueprints and non-human identity assets across four data tables. Read More →

Cisco Umbrella CCF: Public Preview Expands Data Visibility with 10 New Log Tables

New Codeless Connector Framework introduces comprehensive log coverage across DNS, web traffic, cloud firewall, admin audit, DLP, file events, IPS, VPN and Zero Trust access for enhanced threat detection. Read More →

Oracle Cloud Infrastructure CCF Connector: IAM Permissions Guidance Added

OCI connector UI updated with explicit IAM policy requirements for stream consumption authorization alongside API signing key authentication. Read More →

42Crunch API Protection: Critical Migration from Legacy HTTP Collector to CCF Push Connector

Migration addresses deprecated HTTP Data Collector API by implementing CCF OAuth2/Entra ID ingestion — deployments on legacy connector face imminent data loss. Read More →

CrowdStrike API Connector: Multi-Domain Support for Enterprise Deployments

CrowdStrike API connector now supports multiple domain configurations with unique aliases, enabling organizations to ingest data from different CrowdStrike instances simultaneously. Read More →

Airlock Digital Solution: Application Control Visibility for Endpoint Security

New CCF connector enables ingestion of Airlock Digital application control logs, providing execution monitoring and file activity visibility to detect unauthorized software execution. Read More →

NordStellar CCF Push Connector: Real-time Threat Intelligence Integration Now Available

New NordStellar solution delivers real-time threat intelligence and exposure monitoring via CCF Push architecture to unified NordStellar_CL table. Read More →

Sonrai Security CCF Connector: New Cloud Security Posture Visibility

Sonrai Security compliance tickets now integrate directly with Microsoft Sentinel through a new CCF push connector. Read More →

BitSight: Function App to CCF Migration Restores Third-Party Risk Visibility

Legacy Function App connector replaced with two CCF connectors for independent security statistics and events ingestion. Read More →

VMware Workspace ONE: New CCF Connector for UEM Device and Application Visibility

VMware Workspace ONE Unified Endpoint Management platform now available in Microsoft Sentinel via CCF connector for device compliance monitoring and shadow IT detection. Read More →

Cloudflare CCF Workbook: Fixed Field Mapping for New CCF Schema

Corrected workbook queries to use normalized ASIM fields from Cloudflare CCF connector, resolving visualization errors from legacy field references. Read More →

OpenAI Connector: Migration to ASIM Standard Improves AI Monitoring Normalization

OpenAI chat completions data now ingests to ASimAgentEventLogs standard table, enabling standardized AI usage monitoring and cross-product correlation. Read More →

Illumio Insights Graph: New Network Traffic Analysis and Threat Intelligence Connector

New CCF-based connector ingests Illumio AI-powered threat discovery reports with network flow analysis, geographic context, and MITRE ATT&CK framework integration. Read More →