Checkmarx SAST Ingestion Playbook: Static Application Security Testing Integration

New playbook for ingesting Checkmarx SAST scan findings into Microsoft Sentinel via DCR/DCE for application vulnerability tracking. Read More →

TheHive Connector: Field Filtering Fix Restores Complete Event Collection

TheHive CCF connector removes excludeFields parameter that was preventing complete event data ingestion. Read More →

Commvault Connector: Migration from Legacy Sentinel API to Modern Logs Ingestion Architecture

Commvault Security IQ connector migrated from deprecated Log Analytics API to Azure Monitor Logs Ingestion API with DCE/DCR architecture. Read More →

Lookout Connector: Critical DCR Transform Fix Restores Mobile Threat Visibility

Critical fix resolves undefined symbol error that prevented Lookout connector creation, restoring mobile threat detection capability. Read More →

Microsoft Sentinel Logstash Plugin: Passwordless Authentication with Managed Identity Support

Logstash output plugin enhanced with managed identity authentication for Azure VMs, AKS workload identity, and Azure Arc servers. Read More →

Visa Threat Intelligence Solution: Initial Package Release with IOC Detection Rules

New Visa Threat Intelligence (VTI) solution providing IOC feeds via DCR connector with high-severity detection rules for domains and file hashes. Read More →

SAP Solution: Agentless Integration Suite Tooling Added for Enhanced ERP Connectivity

New PowerShell tooling enables agentless SAP data collection via Integration Suite with dual-mode credentials and CSV-based destination management. Read More →

Oracle Cloud Infrastructure Connector: Group Cursor Support for OCI Streaming

OCI connector now supports Group Cursor mode alongside Individual Cursor for improved streaming partition consumption flexibility. Read More →

Miro Solution: New Enterprise Collaboration Security and Compliance Monitoring

New Miro solution added with CCF connectors for audit logs and content logs to enable collaboration platform security monitoring. Read More →

Microsoft Copilot Connector — Critical Table Name Update from LLMActivity to CopilotActivity

Microsoft Copilot connector fixes critical table reference issue, standardizing on official CopilotActivity table name across all components. Read More →

Ermes Browser Security Connector — Enhanced Data Fidelity and Multi-Tenant Support

CCF connector update fixes timestamp extraction, adds configurable API endpoints, and expands log data collection for better event visibility. Read More →

Lookout Mobile Security: Parser Fixes and Executive Dashboard Enhancement

Lookout solution updated to v3.0.1 with parser fixes, comprehensive security dashboards, and enhanced analytic rules. Read More →

SOC Prime Platform: New CCF Connector for Audit Log Visibility

New SOC Prime Platform audit logs data connector added using CCF framework, providing visibility into SOC Prime TDM platform user activities and administrative actions. Read More →

Snowflake Connector: Data Parsing Logic Restored After SQL Query Malformation

Critical fix to Snowflake connector data parsing logic, switching from array-based extraction to proper JSON field extraction, restoring visibility across all log types. Read More →

Salesforce Service Cloud Connector: Column Name Bug Fix Plus Multi-Solution Updates

Fixed critical column name mapping bug in Salesforce Service Cloud CCF connector preventing proper data ingestion. Read More →

ZeroFox Enterprise: New CCF Connector Replaces Deprecated CCP Implementation

ZeroFox alert ingestion modernized with CCF-based connector, replacing deprecated CCP framework. Read More →

Open Systems Connector: aiohttp Security Update 3.10.11→3.12.14 Plus Multi-Solution Changes

Open Systems connector updated aiohttp dependency addressing potential security vulnerabilities, bundled with extensive solution packaging updates. Read More →

Check Point Cyberint Alerts: DCR Transform Fix and Customer Name Header Addition

Check Point Cyberint Alerts connector v3.0.1 fixes DCR formatting and adds customer name header for proper API authentication. Read More →

Cyera DSPM Solution: New Data Security Posture Management Integration

New solution added for Cyera DSPM providing data security monitoring with both CCF and Function App connectors. Read More →

Varonis Purview: New Push Connector for Microsoft Purview Data Governance Integration

New solution providing push connector to sync Varonis data resources into Microsoft Purview via Sentinel data lake. Read More →