XBOW: API Version 2026-04-01 Upgrade Enriches Assessment Data with Attack Credits and Events

XBOW connector upgrades to latest API version, adding attack credits tracking and recent event details to assessment ingestion for improved offensive security visibility. Read More →

ESET PROTECT Platform: Delta Token Migration Eliminates Data Gaps from Timestamp Filtering

ESET connector switches from unreliable timestamp filtering to delta tokens, closing potential data loss gaps during high-volume ingestion periods. Read More →

Illumio Insights Graph: New Network Traffic Analysis and Threat Intelligence Connector

New CCF-based connector ingests Illumio AI-powered threat discovery reports with network flow analysis, geographic context, and MITRE ATT&CK framework integration. Read More →

Fortra Agari CCF Connector: Modern Email Security Data Ingestion

Fortra Agari transitions from Azure Functions to CCF framework, restoring Brand Protection, Phishing Defense, and Phishing Response visibility with DCR-based ingestion. Read More →

Function App Security: Access Control Hardening Across Multiple Data Connectors

Function keys now required for HTTP-triggered functions in Zoom, Zscaler, FortiGate, Cofense, Illumio, and Infoblox connectors—removing anonymous access vulnerability. Read More →

New Strider Shield Threat Intelligence Connector for Email Security Monitoring

NVISO introduces Strider Shield CCF connector enabling ingestion of email threat intelligence data across five data streams targeting phishing and BEC protection. Read More →

SailPoint IdentityNow: New CCF Connector with Dual Parser Support (v3.0.1)

SailPoint IdentityNow now supports CCF ingestion with new schema parsers alongside backward compatibility for existing Function App deployments. Read More →

Elastic Agent CCF Connector: Replacing Deprecated HTTP Collector API

ElasticAgent connector migrated to CCF framework to maintain system monitoring capability as HTTP Collector API approaches deprecation. Read More →

Red Sift Solution: New CCF Data Connector and Email Security Detections

Red Sift adds CCF-based email and authentication monitoring with 5 detection rules for phishing and account compromise scenarios. Read More →

Abnormal Security CCF Connector: Critical Fix Restores Email Threat Detection After Complete Ingestion Failure

Fixes DCR transform errors, table deployment issues, and stream routing that prevented all data ingestion from Abnormal Security’s CCF Push connector since v3.0.0 launch. Read More →

Salesforce Audit Visibility: New CCF Connector for Administrative Change Tracking

New Salesforce Audit Logs connector provides visibility into administrative changes and user authentication events across Salesforce orgs. Read More →

NXLog Solutions Deprecated: Loss of Multi-Platform Audit Visibility

Five NXLog partner solutions removed from Content Hub, eliminating data connector support for BSM macOS, FIM, Linux Audit, AIX Audit, and DNS monitoring across Unix/Linux environments. Read More →

Zimperium MTD: New CCF Push Connector for Mobile Threat Telemetry

Zimperium Mobile Threat Defense migrates to CCF-based push connector, replacing deprecated Azure Function ingestion before June 2026 deadline. Read More →

Cyjax Connector: Security and Code Quality Fixes Applied

Addressed lint issues, package vulnerabilities, and code vulnerabilities in Cyjax threat intelligence connector. Read More →

Cisco Duo Connector: API Throttling Resilience Improved for Log Ingestion

Doubled retry delay to 120 seconds to address Duo API throttling requirements preventing log collection. Read More →

GitHub Advanced Security Parser Migration: CLv2 Compatibility and Schema Updates

Critical fix migrates GitHub parsers and workbooks to support CLv2 ingestion table and updated GitHub alert event schemas, ensuring compatibility across V1 and V2 deployments. Read More →

BloodHound Enterprise: Function App Upgrade Fixes Data Collection and Ingestion Gaps

Deployment source moved to stable Microsoft repo, custom table schemas fixed, and Function App ingestion enhanced for reliable attack path visibility. Read More →

Visa Threat Intelligence: Connector Description Update for Certification

Updated Data Connector description in Visa Threat Intelligence solution to resolve certification failure. Read More →

ZeroFox Digital Risk Protection: Complete CCF Migration with Dual Solution Architecture

ZeroFox splits legacy connector into dedicated Alerts and Threat Intelligence solutions using modern CCF architecture with 17 specialized data streams. Read More →

MISP2Sentinel: Critical Table Reference Fix for Upload Indicators API

MISP threat intelligence connector was broken due to incorrect table reference — deployments had zero indicator ingestion until this fix. Read More →