GitHub Webhook V2 Connector: CLv2 Migration Ensures Continued GitHub Advanced Security Ingestion

New CLv2-based GitHub Webhook connector replaces deprecated CLv1 API to maintain ingestion of code scanning, Dependabot, and secret scanning alerts. Read More →

Bitdefender GravityZone: New Push-Based Security Data Connector for Sentinel

New GravityZone solution brings enterprise endpoint threat data directly to Sentinel via DCR-based push ingestion without bundled detections. Read More →

Vaikora Solution: New AI Agent Governance Connector for Microsoft Sentinel

New CCF connector ingests Vaikora AI agent behavioral signals with 3 detection rules for policy violations, anomalies, and high-risk actions. Read More →

ASIM Agent Event Schema: New Normalization Framework for Security Agent Monitoring

Microsoft Sentinel gains ASIM Agent Event schema for normalizing security agent events across all vendor platforms. Read More →

Valimail Enforce Solution: New Email Authentication Monitoring for DMARC/SPF/DKIM Configuration Changes

Complete Valimail Enforce monitoring solution delivers real-time detection of email authentication policy weakening and suspicious admin activity affecting domain security posture. Read More →

SOCRadar XTI Platform: New Extended Threat Intelligence Solution Launches with Bidirectional Sync

SOCRadar XTI Platform solution now available in Content Hub with automated alarm import, incident sync, and comprehensive threat intelligence monitoring capabilities. Read More →

Cyjax Threat Intelligence Platform: Complete Solution for IOC Ingestion and Investigation

New comprehensive Microsoft Sentinel integration adds automated IOC collection, incident enrichment, and interactive threat intelligence dashboards for the Cyjax platform. Read More →

PowerShell Tool Simplifies CLv1 Table Migration Assessment Before September 2026 Deadline

New PowerShell script automates discovery of classic custom log tables and dependency impact assessment for the mandatory HTTP Data Collector API migration. Read More →

Censys Solution: New Related Infrastructure Playbook Enhances Threat Pivot Capabilities

Censys solution adds playbook and workbook for automated infrastructure pivoting and pivot analysis visualization using the Pivot Analysis API. Read More →

QRadar Migration Tool: Streamlining SIEM Detection Rule Migration to Microsoft Sentinel

New Python-based data collector extracts custom QRadar detection rules and building blocks for migration-ready analysis and conversion to Microsoft Sentinel. Read More →

SAP: New Agentless User Blocking Playbook for Defender XDR Integration

New SAP playbook enables automated user blocking via Teams adaptive cards with enhanced support for complex multi-alert incidents from Microsoft Defender XDR. Read More →

D3 Smart SOAR: New Detection for High/Critical Severity Incidents

D3 Smart SOAR solution now includes an Analytic Rule to automatically detect and escalate High or Critical severity incidents from SOAR platform data. Read More →

Contrast ADR: CCF Connector Deployment Unlocks Application Attack Visibility

Contrast ADR adds CCF ingestion support with standardized table schemas for production-ready Application Detection and Response monitoring. Read More →

Tanium CCF Data Connector: Enhanced Endpoint Visibility with DCR-Based Ingestion

New CCF push connector for Tanium enables endpoint compliance, threat response, and patch data ingestion via DCR streams. Read More →

ASIM Authentication: New Parser for Cisco ISE Administrator Login Events

Added ASIM Authentication parser for Cisco ISE administrator authentication events, expanding centralized network device visibility. Read More →

Microsoft Sentinel Training Lab: Comprehensive Hands-On Security Operations Environment Now Available

New deployment-ready training lab delivers 14 guided exercises with pre-recorded telemetry, detection rules, and automation workflows for practical Microsoft Sentinel skill development. Read More →

Abnormal Security: New CCF Push Connector Adds Multi-Table Email Security Event Routing

Added CCF Push connector with OAuth 2.0 authentication and dedicated tables for 9 event types — modern replacement for Azure Functions ingestion. Read More →

Palo Alto GlobalProtect: New ASIM Authentication Parser for VPN Monitoring

New ASIM parser normalizes GlobalProtect VPN authentication events from CommonSecurityLog table, enabling unified monitoring of gateway and portal authentication across Palo Alto PAN-OS deployments. Read More →

Citrix Analytics: New CCF Push Connector Enables Security Analytics Visibility

New Citrix Analytics CCF solution provides push-based ingestion for SPA and CVAD security events via Azure Monitor Logs Ingestion API. Read More →

ASIM Authentication Schema: VMware vCenter Parser Enables Authentication Monitoring for On-Premises and Azure VMware Environments

New ASIM parser normalizes VMware vCenter authentication events from syslog streams to enable detection coverage across vSphere environments. Read More →