Zoom Data Connector: Legacy Azure Function Files Removed from Standalone Location

Legacy Zoom connector files removed from DataConnectors folder — connector has been migrated to Solutions/ZoomReports. Read More →

Pathlock TD&R: Major Detection Coverage Expansion with 77 New SAP-Focused Analytic Rules

Pathlock Threat Detection & Response adds 77 comprehensive SAP security analytic rules covering ABAP changes, user activities, system modifications, and financial data access. Read More →

CyberArk EPM: Migration to DCR and OAuth Authentication Replaces Deprecated Log Analytics API

CyberArk EPM connector updated to use DCR ingestion and OAuth authentication, addressing deprecation of Log Analytics API and improving security. Read More →

BeyondTrust PM Cloud: Function App Reliability Fix Prevents Timeout on Large Event Backlogs

Critical fix prevents BeyondTrust PM Cloud Function App timer functions from hanging when processing large event backlogs, restoring data ingestion reliability. Read More →

GitHub Audit Log Connector: Azure Storage Integration Addresses API Rate Limits

New Azure Storage-based GitHub Enterprise audit log connector overcomes CCF API rate limitations through Event Grid blob notifications. Read More →

Filewall for Microsoft 365: New Solution Adds Data Exfiltration Detection for Exchange and Files

Complete CCF-based solution delivers real-time monitoring of blocked emails and files across Microsoft 365 services with immediate threat alerting. Read More →

Microsoft Agent Identities Connector: New Entra Non-Human Identity Asset Visibility (Preview)

Agent 365 solution adds new Microsoft Agent Identities connector for tracking agent blueprints and non-human identity assets across four data tables. Read More →

Cisco Umbrella CCF: Public Preview Expands Data Visibility with 10 New Log Tables

New Codeless Connector Framework introduces comprehensive log coverage across DNS, web traffic, cloud firewall, admin audit, DLP, file events, IPS, VPN and Zero Trust access for enhanced threat detection. Read More →

Oracle Cloud Infrastructure CCF Connector: IAM Permissions Guidance Added

OCI connector UI updated with explicit IAM policy requirements for stream consumption authorization alongside API signing key authentication. Read More →

42Crunch API Protection: Critical Migration from Legacy HTTP Collector to CCF Push Connector

Migration addresses deprecated HTTP Data Collector API by implementing CCF OAuth2/Entra ID ingestion — deployments on legacy connector face imminent data loss. Read More →

Logstash Output Plugin: Version 2.2.1 with Enhanced Logging and Security Warnings

Microsoft Sentinel Logstash plugin updated to v2.2.1 with improved batch logging and comprehensive security warnings for vulnerable Logstash versions. Read More →

CrowdStrike API Connector: Multi-Domain Support for Enterprise Deployments

CrowdStrike API connector now supports multiple domain configurations with unique aliases, enabling organizations to ingest data from different CrowdStrike instances simultaneously. Read More →

Airlock Digital Solution: Application Control Visibility for Endpoint Security

New CCF connector enables ingestion of Airlock Digital application control logs, providing execution monitoring and file activity visibility to detect unauthorized software execution. Read More →

NordStellar CCF Push Connector: Real-time Threat Intelligence Integration Now Available

New NordStellar solution delivers real-time threat intelligence and exposure monitoring via CCF Push architecture to unified NordStellar_CL table. Read More →

AWS S3 and CrowdStrike Connectors: Non-Analytics Tier Query Support for Basic/Auxiliary Plans

AWS S3 and CrowdStrike Falcon S3 Data Replicator connectors now support Usage table fallback queries for deployments using Basic/Auxiliary Log Analytics plans. Read More →

Bitdefender GravityZone Solution v3.0.1 Adds Incident Analytics for Endpoint and Email Protection

Complete Microsoft Sentinel solution integrating Bitdefender GravityZone multi-vector threat detection with DCR-based ingestion and XDR correlation. Read More →

Sonrai Security CCF Connector: New Cloud Security Posture Visibility

Sonrai Security compliance tickets now integrate directly with Microsoft Sentinel through a new CCF push connector. Read More →

BitSight: Function App to CCF Migration Restores Third-Party Risk Visibility

Legacy Function App connector replaced with two CCF connectors for independent security statistics and events ingestion. Read More →

VMware Workspace ONE: New CCF Connector for UEM Device and Application Visibility

VMware Workspace ONE Unified Endpoint Management platform now available in Microsoft Sentinel via CCF connector for device compliance monitoring and shadow IT detection. Read More →

OpenAI Connector: Migration to ASIM Standard Improves AI Monitoring Normalization

OpenAI chat completions data now ingests to ASimAgentEventLogs standard table, enabling standardized AI usage monitoring and cross-product correlation. Read More →