D3 Smart SOAR Integration: New CCF Connector Enables SOAR Incident Visibility

New connector integrates D3 Smart SOAR incidents into Microsoft Sentinel via CCF, providing SOC teams centralized visibility into automated response activities. Read More →

AWS EKS Connector: New Public Preview for Kubernetes Audit Log Security Monitoring

New CCF-based solution ingests Amazon Elastic Kubernetes Service audit logs via SQS for real-time cluster security monitoring. Read More →

FortiGate ASIM Authentication Parser: New Visibility for Fortinet Administrative Access Events

New ASIM parser adds normalised authentication monitoring for FortiGate administrator login and logout events. Read More →

Azure Key Vault ASIM Parser: New Audit Event Normalization for Critical Key Management Monitoring

Azure Key Vault audit events can now be analyzed using ASIM schema, enabling standardized detection across vault, secret, key, and certificate operations. Read More →

NetApp Ransomware Resilience: New Automated Incident Response Solution

NetApp introduces modular playbooks for automated ransomware protection, enabling SOC teams to investigate, snapshot, and isolate compromised storage volumes via Microsoft Sentinel integration. Read More →

IPinfo Solution: Three New Data Connectors with Enhanced OAuth Authentication

IPinfo v3.0.3 adds Core, Plus, and Residential Proxy data connectors with robust Azure AD OAuth exception handling to prevent authentication blind spots. Read More →

ASIM Asset Entity Schema: New Schema Foundation for Asset Management

Introduces complete ASIM Asset Entity schema with parsers, empty templates, and CI integration to enable asset-centric security monitoring. Read More →

AMA Version Tracking: New Function for Azure Monitor Agent Deployment Management

New KQL function enables SOC teams to audit Azure Monitor Agent versions across their Sentinel deployment for maintenance and security compliance tracking. Read More →

TheHive Incident Response: New CCF Connector for SOAR Platform Integration

Microsoft Sentinel gains native ingestion from TheHive security incident response platform via CCF connector, enabling case management visibility and response workflow correlation. Read More →

Rapid7 InsightVM: New CCF Connector Expands Vulnerability Management Data Ingestion Options

Rapid7InsightVM solution adds CCF-based data connector for cloud-native ingestion alongside legacy Function App connector, enhancing deployment flexibility for vulnerability management visibility. Read More →

CyberArk Audit: New CCF Connector Alternative Replaces Function App Dependency

CyberArk adds CCF-based connector to eliminate Azure Functions dependency for audit data ingestion. Read More →

New Trellix Endpoint Security: CCF Connector Unlocks ePO Threat Visibility in Sentinel

New solution delivers Trellix ePO endpoint security events via CCF with OAuth2 authentication and comprehensive threat intelligence data. Read More →

DataBahn Platform: New CCF Connector for Real-Time Security Telemetry Ingestion

New CCF push connector enables direct ingestion of DataBahn audit logs, alerts, and device inventory into Microsoft Sentinel. Read More →

ASIM FileEvent Parser: New AWS CloudTrail S3 Support Added

New FileEvent parser enables normalized S3 object activity monitoring from AWS CloudTrail logs across bucket operations and object lifecycle events. Read More →

New CCF Template: Azure Storage Blob Data Connector

New Codeless Connector Framework template enables ingestion from Azure Storage blob containers via event-driven data flows. Read More →

Threat Intelligence: URL IOC Detection Added for Web Session Monitoring

New Analytic Rule enables detection of malicious URLs from threat feeds in web traffic, closing coverage gap for URL-based indicators. Read More →

Visa Threat Intelligence Solution: Initial Package Release with IOC Detection Rules

New Visa Threat Intelligence (VTI) solution providing IOC feeds via DCR connector with high-severity detection rules for domains and file hashes. Read More →

Azure Firewall: Five New IDPS Analytic Rules for Advanced Threat Detection

Azure Firewall solution expanded with 5 new analytic rules targeting high/medium severity threats, DDoS attacks, web application attacks, and privilege escalation attempts. Read More →

ASIM User Management: AWS CloudTrail Parser Enables IAM and Cognito Visibility

New ASIM parser normalizes AWS CloudTrail user management events from IAM and Cognito services into Microsoft Sentinel. Read More →

SAP Solution: Agentless Integration Suite Tooling Added for Enhanced ERP Connectivity

New PowerShell tooling enables agentless SAP data collection via Integration Suite with dual-mode credentials and CSV-based destination management. Read More →