Microsoft Security Copilot: Six New Detections for AI Assistant Abuse
New analytic rules target jailbreak attempts, external access, plugin tampering, and file upload disabling - covering major AI security attack vectors. Read More →
New analytic rules target jailbreak attempts, external access, plugin tampering, and file upload disabling - covering major AI security attack vectors. Read More →
Clarifies connector description to specify M365 Copilot and Security Copilot coverage alongside general improvements. Read More →
New data connector for AI agent behavior monitoring brings telemetry from A365, AI Foundry, and Copilot into Microsoft Sentinel for security investigations. Read More →
Two new asset tables (EntraDevices, EntraOrgContacts) added to Microsoft Entra ID connector for BloodHound graph building and complete asset enumeration. Read More →
Azure DevOps Auditing solution repackaged with updated description removing outdated streaming configuration text references. Read More →
Updated SUNSPOT malware detection rule with corrected reference link formatting and MITRE technique mapping fixes across multiple solutions. Read More →
Corrected malformed version numbers in Microsoft Teams threat hunting queries from invalid “l.0.0” to proper “1.0.0” format. Read More →
Updated outdated links and corrected MITRE ATT&CK technique mapping in detection rules across Microsoft Business Applications, Microsoft Defender XDR, and Windows Security Events solutions. Read More →
Microsoft Copilot connector fixes critical table reference issue, standardizing on official CopilotActivity table name across all components. Read More →
Fixes SrcHostname resolution logic and IpAddr aliases in Microsoft Windows Event and SSH authentication parsers. Read More →
Extended Teams protection hunting coverage with queries for partner impersonation, admin submissions, and external sender analysis. Read More →
New hunting queries added to detect malicious URL clicks, ZAP events, and user submissions in Microsoft Teams. Read More →
New VMware ESXi detection for multiple failed SSH login attempts, plus comprehensive solution updates across 15+ vendor solutions. Read More →