Anomalous Single Factor Sign-in Detection: Critical Logic Revert Due to False Positives

Reverts detection rule logic changes due to GitHub issue reporting incorrect filtering logic causing operational problems. Read More →

Authomize Connector: Critical requests Library CVE-2024-47081 Security Fix

Authomize connector dependency updated to address credential leakage vulnerability in requests library. Read More →

ZeroFox Connector: Fixing Stream Naming Inconsistency Breaking Alert Ingestion

Stream name mismatch between DCR and connector config prevented ZeroFox threat alerts from reaching Sentinel workspaces. Read More →

Fortinet FortiNDR Cloud: Security Update Addresses Python Requests CVE-2024-47081

Critical security update patches CVE-2024-47081 netrc credential leak vulnerability in Python requests library. Read More →

Palo Alto Prisma Cloud Connector: Policy Data Restored with Missing "detailed" API Flag

Critical data fidelity fix for Palo Alto Prisma Cloud CCF connector — added missing “detailed” flag to API queries, restoring previously excluded policy field data. Read More →

Snowflake Connector: Data Parsing Logic Restored After SQL Query Malformation

Critical fix to Snowflake connector data parsing logic, switching from array-based extraction to proper JSON field extraction, restoring visibility across all log types. Read More →

Salesforce Service Cloud Connector: Column Name Bug Fix Plus Multi-Solution Updates

Fixed critical column name mapping bug in Salesforce Service Cloud CCF connector preventing proper data ingestion. Read More →

Open Systems Connector: aiohttp Security Update 3.10.11→3.12.14 Plus Multi-Solution Changes

Open Systems connector updated aiohttp dependency addressing potential security vulnerabilities, bundled with extensive solution packaging updates. Read More →

Threat Intelligence: Critical Logic Fix Stops False Alerts on Revoked Indicators

Broken condition in CloudAppEvents threat intelligence detection fixed to prevent firing on revoked/deleted indicators. Read More →

Threat Intelligence: AppService HTTP Logs Detection Restored After Missing Column Fix

Critical fix for broken IP entity detection rule that was missing AlertPriority column causing template failures. Read More →

WithSecure Elements Connector: Critical requests Security Update

requests library upgraded to 2.32.4 patching CVE-2024-47081 netrc credential leak vulnerability. Read More →

ESET Protect Platform Connector: Critical urllib3 Security Update

urllib3 dependency upgraded to 2.5.0 patching two CVE redirect control vulnerabilities (CVE-2025-50181, CVE-2025-50182). Read More →

SAP BTP Connector: Critical Pagination Fix Restores Missing Security Events

CCF connector pagination bug fixed - deployments were missing audit events due to failed token parsing. Read More →

AWS CloudWatch Connectors: Critical Python 3.13 Compatibility Fix

Removed problematic CSV handling causing Lambda function failures on Python 3.13 runtime in CloudWatch connectors. Read More →

Business Email Compromise: Fixed Alert Display Variable Reference

Corrected alert display format to use correct variable name CountOfDocs instead of non-existent number_of_files_accessed. Read More →

Salesforce Service Cloud: Critical Detection Rule Fixes for TimestampDerived Field

Essential bug fixes for Salesforce Service Cloud detection rules resolving datetime conversion issues that prevented rule creation. Read More →

VMRay Connector: Fixed Premium ARM Template Security Configuration

ARM template deployment fix adds mandatory TLS 1.2 enforcement and corrects resource configuration for VMRay Function App connector. Read More →

Threat Intelligence Detection: Critical Timing Fix for Cloud App Email Indicators

TI analytic rule query periods reduced from 10 days to 1 hour to prevent false negatives from timing mismatches. Read More →

SailPoint IdentityNow: Function App Deployment Package Structure Fix

Critical deployment fix for SailPoint IdentityNow Function App correcting ZIP file structure for proper Azure Function discovery and Python package dependencies. Read More →

CyberArk Audit Security Update: CVE-2024-47081 Fix Plus Multi-Solution Maintenance

Critical security update for CyberArk Audit requests library addressing credential leak vulnerability, plus comprehensive updates across 8 solutions. Read More →