Microsoft Threat Intelligence TAXII Export Connector Moves to General Availability

Microsoft’s TAXII Export connector for Threat Intelligence objects is now GA, removing preview limitations for production TI sharing workflows. Read More →

Salesforce Service Cloud Connector: Enhanced Event Log Coverage and Multi-Domain Support

Major connector upgrade introduces comprehensive event field collection and multi-tenant monitoring capabilities. Read More →

Joe Sandbox Solution: ARM Template Fixes and IOC Handling Improvements

Joe Sandbox solution updated to v3.0.1 with Azure template fixes, updated storage API versions, and improved IOC processing in playbooks. Read More →

Abnormal Security CCF Connector: Schema Alignment Fixes Column Visibility Gaps

Abnormal Security CCF connector v3.0.1 fixes table column naming to match Microsoft Log Analytics output, restoring access to previously missing metadata fields. Read More →

Azure DevOps Auditing: Fixing Broken Connector After Parameter Mismatch

Critical configuration fix resolves parameter name mismatch that prevented Azure DevOps audit log ingestion entirely. Read More →

CrowdStrike Falcon Data Replicator: Incorrect Deprecation Reversed, Connector Restored to Active Status

CrowdStrike’s Function App-based data replicator was incorrectly deprecated and has been restored to active status to maintain government deployment support. Read More →

Upwind Connector: Function App Deployment Fixed After Broken Code Deployment

Upwind connector Function App deployment was failing due to incorrect zip structure and ARM template configuration - fixed with flat zip layout and implicit hosting plan. Read More →

GreyNoise Threat Intelligence: Packaging Fixes and Security Improvements

Fixed Function App deployment packaging errors and improved security by converting ARM template secrets to secure strings. Read More →

Cloudflare Connector: Critical DCR Fix Restores Data Ingestion After Field Mapping Failures

Fixed DCR transformKql failures for Type field and invalid data types that were preventing Cloudflare log ingestion. Read More →

Logstash Output Plugin: Documentation Update for Version 2.1.1

Version bump to 2.1.1 with efficiency improvements noted but no connector logic changes. Read More →

ZoomReports: Cloud Recording API Polling Optimized to Reduce Data Duplication

Updates polling interval from 2-day to 1-day window with 1-day delay to eliminate duplicate Zoom cloud recording logs. Read More →

Qualys KB Connector Now GA: Production-Ready Vulnerability Intelligence

Qualys Knowledge Base connector moves from Preview to General Availability, providing production-grade vulnerability intelligence ingestion with enhanced monitoring capabilities. Read More →

Qualys VM Connector: API Version 5.0 Migration Before Deprecation

Qualys VM connector upgraded from API v3.0 to v5.0 to prevent June deprecation cutoff impacting vulnerability data ingestion. Read More →

Zoom Connector GA Release: Enhanced Data Ingestion with New Table Schema

ZoomReports CCF connector transitions to GA with parser supporting dual-table ingestion and expanded field coverage. Read More →

Seraphic Web Security: Upgraded to v3.0.0 Content Schema with Enhanced Polling

Seraphic Web Security solution upgraded to v3.0.0 schema with polling v3.0, health checks, and corrected connectivity criteria. Read More →

Salesforce Service Cloud Connector: Enhanced Event Coverage and OAuth2 Support

Salesforce connector v3.1.0 adds comprehensive Event Log File coverage and OAuth2 username-password authentication for improved deployment flexibility. Read More →

GitHub Webhook V2 Connector: CLv2 Migration Ensures Continued GitHub Advanced Security Ingestion

New CLv2-based GitHub Webhook connector replaces deprecated CLv1 API to maintain ingestion of code scanning, Dependabot, and secret scanning alerts. Read More →

Bitdefender GravityZone: New Push-Based Security Data Connector for Sentinel

New GravityZone solution brings enterprise endpoint threat data directly to Sentinel via DCR-based push ingestion without bundled detections. Read More →

Lookout Connector: Critical ARM Template Fix Restores Mobile Threat Data Ingestion

Fixed bracket escaping bug in ARM template that caused complete Lookout connector deployment failure. Read More →

Vaikora Solution: New AI Agent Governance Connector for Microsoft Sentinel

New CCF connector ingests Vaikora AI agent behavioral signals with 3 detection rules for policy violations, anomalies, and high-risk actions. Read More →