Cisco Duo Connector: API Throttling Resilience Improved for Log Ingestion

Doubled retry delay to 120 seconds to address Duo API throttling requirements preventing log collection. Read More →

Workspace Usage Workbook: IsBillable Column Display Labels Corrected

Fixed inverted display labels in WorkspaceUsage workbook where billing status showed opposite values. Read More →

GitHub Actions Security: Fork PR Workflow Hardened Against Supply Chain Attacks

CI/CD security enhancement prevents automatic execution of untrusted fork code by implementing strict SafeToRun label gating. Read More →

GitHub Advanced Security Parser Migration: CLv2 Compatibility and Schema Updates

Critical fix migrates GitHub parsers and workbooks to support CLv2 ingestion table and updated GitHub alert event schemas, ensuring compatibility across V1 and V2 deployments. Read More →

VMware vCenter ASIM Parser: DvcId Type Correction Prevents Query Failures

Fixed critical data type mismatch in VMware vCenter authentication parser that caused DvcId field queries to fail. Read More →

Solutions Analyzer: Fix Connector Overcount in CCF v2 Solutions

Solutions Analyzer was double-counting connectors in CCF v2 solutions due to azuredeploy wrapper files creating phantom duplicates. Read More →

MISP2Sentinel: Critical Table Reference Fix for Upload Indicators API

MISP threat intelligence connector was broken due to incorrect table reference — deployments had zero indicator ingestion until this fix. Read More →

Joe Sandbox Solution: ARM Template Fixes and IOC Handling Improvements

Joe Sandbox solution updated to v3.0.1 with Azure template fixes, updated storage API versions, and improved IOC processing in playbooks. Read More →

Azure DevOps Auditing: Fixing Broken Connector After Parameter Mismatch

Critical configuration fix resolves parameter name mismatch that prevented Azure DevOps audit log ingestion entirely. Read More →

Upwind Connector: Function App Deployment Fixed After Broken Code Deployment

Upwind connector Function App deployment was failing due to incorrect zip structure and ARM template configuration - fixed with flat zip layout and implicit hosting plan. Read More →

Cloudflare Connector: Critical DCR Fix Restores Data Ingestion After Field Mapping Failures

Fixed DCR transformKql failures for Type field and invalid data types that were preventing Cloudflare log ingestion. Read More →

Training Lab: Fixed Detection Rule Deployment Script Resilience

Lab deployment script now retries on any table syntax errors, not just OktaV2_CL — prevents silent deployment failures. Read More →

Okta Detection Rule: Fixed Blind Spot After Connector Migration to OktaV2_CL

Critical Okta detection was broken after connector migration — now uses OktaSSO parser to restore session impersonation monitoring. Read More →

Lookout Connector: Critical ARM Template Fix Restores Mobile Threat Data Ingestion

Fixed bracket escaping bug in ARM template that caused complete Lookout connector deployment failure. Read More →

Visa Threat Intelligence: Package Publishing Fix for Content Hub Deployment

Resolved package publishing failure by adding missing connector information to UI definition file. Read More →

ExtraHop RevealX Connector: Function App Package Reverted to Address Customer Issues

ExtraHop connector reverted to previous function app package to resolve customer-facing deployment issues affecting data ingestion. Read More →

AWS CloudTrail Connector: Function App Crash Fix for Unsupported File Types

Fixes potential Python exception in CloudTrail ingestion function when encountering unsupported file formats, preventing data ingestion failure. Read More →

AWS S3 and CEF Connectors: Security Alert Remediation Fixes Error Handling Gaps

Python connector security vulnerabilities patched with improved error handling and null check additions. Read More →

Proofpoint POD Connector: Critical Time Parameter Fix to Prevent Data Gaps

Proofpoint POD connector updated to include sinceTime parameter configuration, addressing potential data collection gaps during initial ingestion windows. Read More →

Global Secure Access: Threat Intelligence Detection Restored After URL Regex Failure

Fixed broken URL threat intelligence detection and expanded workbook coverage for new Entra traffic type. Read More →