New Trellix Endpoint Security: CCF Connector Unlocks ePO Threat Visibility in Sentinel

New solution delivers Trellix ePO endpoint security events via CCF with OAuth2 authentication and comprehensive threat intelligence data. Read More →

Gigamon AMX Connector: Migration to CCF Push Restores Network Visibility After Deprecation

Gigamon connector migrated from deprecated Log Analytics method to CCF push architecture, preventing complete loss of network traffic and threat visibility. Read More →

Cisco Duo Connector: Function Timeout Mitigation and Dependency Security Updates

Fixes timeout-induced ingestion failures in offline enrollment log processing and updates duo-client library for security maintenance. Read More →

Google Kubernetes Engine Connector: Documentation Update Links to Official Microsoft Learn

Google Kubernetes Engine connector documentation updated to reference official Microsoft Learn guides instead of personal repositories. Read More →

IONIX: Migration to CCF RestApiPoller with Enhanced Data Deduplication

Major migration from HTTP Data Collector API to CCF RestApiPoller enabling automatic polling with query-time deduplication for IONIX attack surface management data. Read More →

Logstash Connector: Extended Version Support for Newer Logstash Releases

Documentation update adds support for Logstash versions 8.19.2, 9.0.8, 9.1.10, and 9.2.4-9.2.5. Read More →

IPinfo: Multi-Workspace Support and Function App Deployment Reliability Improvements

Comprehensive update to 17 IPinfo connectors enhancing deployment reliability with runtime pinning, dependency fixes, and multi-workspace DCR support. Read More →

Lookout Connector: Critical DCR Transform Fix Restores Mobile Threat Visibility

Critical fix resolves undefined symbol error that prevented Lookout connector creation, restoring mobile threat detection capability. Read More →

Trend Micro Vision One: Azure Storage Account TLS Security Hardening

Critical security hardening update enforces minimum TLS 1.2 for Azure storage accounts in Function App deployment template. Read More →

DataBahn Platform: New CCF Connector for Real-Time Security Telemetry Ingestion

New CCF push connector enables direct ingestion of DataBahn audit logs, alerts, and device inventory into Microsoft Sentinel. Read More →

New CCF Template: Azure Storage Blob Data Connector

New Codeless Connector Framework template enables ingestion from Azure Storage blob containers via event-driven data flows. Read More →

Cyren Threat Intelligence: Critical Fix for 1,535:1 Duplicate Data Ingestion

Configuration updates eliminate massive duplicate indicator ingestion caused by small page sizes and frequent polling intervals. Read More →

Zscaler Internet Access: Major Platform Modernization with CloudNSS CCP Connectors

Complete solution overhaul replaces legacy connectors with 15 CloudNSS CCP connectors and 12 OAuth2 playbooks for enhanced Zscaler integration. Read More →

Microsoft Sentinel Logstash Plugin: Passwordless Authentication with Managed Identity Support

Logstash output plugin enhanced with managed identity authentication for Azure VMs, AKS workload identity, and Azure Arc servers. Read More →

Visa Threat Intelligence Solution: Initial Package Release with IOC Detection Rules

New Visa Threat Intelligence (VTI) solution providing IOC feeds via DCR connector with high-severity detection rules for domains and file hashes. Read More →

JoeSandbox Solution: Updated Deployment Links and Removed Manual Installation Steps

JoeSandbox solution deployment documentation updated with corrected Azure links and streamlined automated deployment options. Read More →

MailRisk CCF Connector: Critical Parameter Syntax Fix for Deployment Failures

Fixed CCF deployment blocking issue in MailRisk connector caused by incorrect ARM template parameter extraction syntax. Read More →

Lumen Threat Feed: V2 Connector Replaces Deprecated V1.1 with Paginated API Support

Lumen Defender Threat Feed solution updated with V2 connector using new API v3 endpoint, removing deprecated V1.1 connector entirely. Read More →

Tenable App: Enhanced Rsyslog Configuration with Source IP Filtering

Additional rsyslog configuration files added with source IP filtering capabilities to improve log collection accuracy and data connector UI guidance. Read More →

SAP Solution: Agentless Integration Suite Tooling Added for Enhanced ERP Connectivity

New PowerShell tooling enables agentless SAP data collection via Integration Suite with dual-mode credentials and CSV-based destination management. Read More →