Darktrace CCF Migration: New ActiveAI Security Platform Connector Replaces Legacy REST API

New CCF-based Darktrace connector with enhanced visibility across six data streams and modernized detection logic. Read More →

UniFi Site Manager: New CCF Solution Adds Network Infrastructure Monitoring and Attack Surface Coverage

Community solution deploys 21 detections for UniFi network security posture, ISP performance degradation, and infrastructure defense evasion tactics. Read More →

Utimaco ESKM Integration: Enterprise Key Management Monitoring Arrives in Sentinel

New solution enables Microsoft Sentinel monitoring of Utimaco Enterprise Secure Key Manager KMIP operations and authentication events. Read More →

Akamai Guardicore v3.1.0: Function App Eliminated, CCF Migration Simplifies Microsegmentation Monitoring

Akamai Guardicore connector migrates from Azure Functions to Codeless Connector Framework, removing infrastructure overhead while preserving microsegmentation visibility. Read More →

Google SecOps Integration: New Detection Pipeline Connects Chronicle to Sentinel

Microsoft Sentinel gains visibility into Google Chronicle security detections through new connector and parsers. Read More →

CCF Blob Connector Accelerator: Developer Reference Implementation for Event-Driven Log Ingestion

New tool provides ISV partners with complete end-to-end CCF StorageAccountBlobContainer connector pattern including automated deployment and reference solution. Read More →

Imperva Cloud WAF: Critical Parsing Fix Restores Visibility for Complex Events

Imperva Cloud WAF connector switched to CommonEventFormatTransformer, fixing data ingestion failures for logs containing embedded quotes and pipes in CEF events. Read More →

Field Effect MDR Integration: New CCF Connector Delivers Cloud-Based Threat Detection

Field Effect MDR solution adds Microsoft Sentinel ingestion for ARO (Automated Response Operations) alerts via CCF, expanding managed detection coverage. Read More →

MuleSoft CloudHub: CCF Alerts Connector Expands DevOps Monitoring Coverage

New CCF connector adds alert ingestion capability to existing MuleSoft CloudHub logs solution, enabling comprehensive application lifecycle monitoring. Read More →

Cisco ETD: Migration to Message Event Logs API with Enhanced Email Security Visibility

Labeled P0 — assess deployment or pipeline breakage risk explicitly. Complete connector overhaul migrates to new Message Event Logs REST API providing enhanced email visibility beyond convicted messages. Read More →

Contrast ADR: Enhanced Attack Event Schema with Code Location and Vector Analysis Fields

CCF connector schema updated to capture additional attack context with codeLocation, vectorAnalysis, and request_parameters fields for improved threat analysis. Read More →

StealthTalk: New Enterprise Authentication Monitoring Solution with MITRE-Mapped Detection Portfolio

Complete StealthTalk Enterprise solution delivers four analytic rules targeting credential attacks (T1078, T1110, T1098) plus ASIM Authentication parsers and Teams integration. Read More →

MuleSoft CloudHub: CCF Push Connector Eliminates API Rate Limits and Duplicate Data Issues

MuleSoft deploys real-time Log4j HTTP appender connector via CCF, offering customers performance alternative to existing Azure Function connector. Read More →

Microsoft 365 Audit Pipeline: Two New CCF Connectors Fill Copilot, DLP, and Specialty Workload Visibility Gap

New dual-connector CCF solution ingests 30 Microsoft 365 audit workloads including Copilot interactions, DLP events, and 29 specialty services into a unified 321-column schema. Read More →

Cyren Threat Intelligence: Data Fidelity Fix Corrects IP Field Pollution by URL UUIDs

DCR transform fix stops storing malware URL UUIDs in IP fields — improves data quality for threat intelligence queries. Read More →

Pathlock TDnR Connector: Critical JSON Fix Restores Deployment Capability

Invalid JSON in Pathlock TDnR connector definition blocked deployment via strict parsers — critical fix for P0 issue. Read More →

Valimail Enforce Solution: Publisher Name Typo Corrected in Sentinel UI

Fixes misspelled publisher name from Valimmail to Valimail in the Data Connector configuration UI. Read More →

Digital Shadows: Updated EventReportUrl to Use GreyMatter Platform Links

Digital Shadows analytic rules now use server-provided GreyMatter URLs instead of deprecated portal links, preventing broken URL entities in Sentinel incidents. Read More →

Vaikora Connector: Zero Data Ingestion Fixed After DCR Stream Mapping Failure

Critical fix restores Vaikora AI agent behavioral data after complete ingestion failure caused by DCR stream column mismatch. Read More →

Lookout Connector: Critical Data Loss Fix for Mobile Threat Event Identifiers

Lookout Mobile Risk API v2 connector was silently dropping unique event identifiers (oid field), breaking all downstream correlation in detections and workbooks. Read More →