Azure Firewall Detection: Critical Time Range Fix Prevents Overlapping Alerts and Query Failures

Azure Firewall Abnormal Port to Protocol rule updated to fix brittle time range handling that caused duplicate alerts and failed detection when runtime was modified. Read More →

Microsoft Entra ID Conditional Access Rules: Incident Configuration Fix Resolves Rule Creation Failures

Microsoft Entra ID Conditional Access detection rules updated to fix lookbackDuration format preventing rule deployment in Microsoft Sentinel workspaces. Read More →

Threat Intelligence Detection: Alert Description Field Mapping Fix Restores Dynamic Content

Threat Intelligence DomainEntity_imWebSession rule updated to fix alert description field mapping, replacing non-existent Type field with ThreatType for proper alert context. Read More →