Microsoft A365 Observability Connector: Explicit SecurityAdmin Requirement Removed

Microsoft removed the explicit SecurityAdmin requirement from the A365 Observability connector, but GlobalAdmin — the highest privilege level in Azure AD — is still required. This is not a reduction in required privilege. Read More →

Imperva Cloud WAF: Production Ready CCF Connector with Standard Tables

Imperva Cloud WAF CCF connector migrates from private preview custom tables to public preview standard tables. Read More →

SentinelOne Connector: Template Cleanup for JSON Schema Compliance

Code hygiene fix removes redundant null values from CCF connector configuration. Read More →

Google Workspace Reports Connector Promoted to General Availability

Google Workspace Reports CCF connector exits preview status with updated OAuth configuration guidance. Read More →

New Attack Surface Management Solution: blacklens.io Brings External Threat Visibility to Microsoft Sentinel

blacklens.io Attack Surface Management platform now available in Content Hub with webhook-based alert ingestion and automated incident creation. Read More →

Cisco Umbrella Connector: Critical Fix for State Manager Corruption and Data Ingestion Crashes

Cisco Umbrella connector fixes critical null-byte corruption in Azure File Share state markers that was causing complete ingestion failures. Read More →

Varonis Purview Connector: Schema Update Enhances Data Fidelity and Field Coverage

Varonis Purview schema update adds new fields and corrects data types, improving query reliability for asset tracking and classification data. Read More →

Netskope Connector: Title Update to Clarify CCF Usage

Cosmetic title change to clarify the connector uses Codeless Connector Framework for Netskope API ingestion. Read More →

Box Events Connector: Title Update to Clarify CCF Usage

Cosmetic title change from “Box Events (CCP)” to “Box Events (via Codeless Connector Framework)” to reflect current terminology. Read More →

Okta Single Sign-On Connector: Title Update to Clarify CCF Usage

Cosmetic title change to clarify the connector uses Codeless Connector Framework for Okta API ingestion. Read More →

SentinelOne Connector: Title Update to Clarify CCF Usage

Cosmetic title change to clarify the connector uses Codeless Connector Framework for API ingestion. Read More →

Sophos Endpoint Protection Connector: Title Update with Deprecated Terminology

Connector title updated to indicate CCF usage, but incorrectly uses deprecated “Codeless Connector Platform” instead of current “Codeless Connector Framework” terminology. Read More →

VMware Carbon Black Cloud Connector: Title Update to Clarify CCF Usage

Cosmetic title change to clarify the connector uses Codeless Connector Framework for AWS S3 ingestion. Read More →

Auth0 CCF Connector: UI Branding Updated for Framework Visibility

Auth0 connector display name updated to clarify CCF implementation, supporting connector adoption transparency. Read More →

IPinfo Connectors: Azure Functions Dependency Fix for Linux Runtime

All IPinfo connector Azure Function packages rebuilt to resolve dependency issues with Linux runtime. Read More →

Commvault Security IQ: Enhanced Threat Scan Event Coverage and Parser Fix

Two new threat scan event types added to ingestion with regex fix for PascalCase field extraction. Read More →

Illumio Connector: Enhanced Security with Managed Identity Authentication

Illumio Function App connector replaces DefaultAzureCredential with ManagedIdentityCredential, eliminating client secret exposure. Read More →

AWS ELB Connector: Public Preview CCF Ingestion for ALB, NLB, and GLB Logs

New CCF connector enables ingestion of AWS Elastic Load Balancer access and flow logs into Microsoft Sentinel for network traffic monitoring and threat detection. Read More →

GreyNoise Threat Intelligence: SDK Update Addresses Function App Runtime Issues

Updated GreyNoise Python SDK to v3.0.3, fixed module mismatches, and bumped Azure Functions runtime to resolve connector stability issues. Read More →

Rubrik Security Cloud: New CCF Connector Unlocks Ransomware Recovery Intelligence

New CCF data connector ingests comprehensive backup status data enabling correlation between security incidents and backup health for rapid ransomware recovery assessment. Read More →