<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Other: CI Config on sentinelchangelog.net</title><link>http://sentinelchangelog.net/tags/other-ci-config/</link><description>Recent content in Other: CI Config on sentinelchangelog.net</description><generator>Hugo -- 0.157.0</generator><language>en</language><lastBuildDate>Fri, 10 Jul 2026 06:05:09 +0000</lastBuildDate><atom:link href="http://sentinelchangelog.net/tags/other-ci-config/index.xml" rel="self" type="application/rss+xml"/><item><title>New Netskope Alerts and Events Solution: DLP, Shadow IT, and Malware Threat Visibility via CCF Blob Storage Connector</title><link>http://sentinelchangelog.net/posts/2026-07-10-pr-14560/</link><pubDate>Fri, 10 Jul 2026 06:05:09 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-07-10-pr-14560/</guid><description>A new Microsoft Sentinel solution delivers full-stack Netskope Security Cloud visibility including DLP incidents, malware detections, policy enforcement, and Shadow IT via a CCF Blob Storage connector ingesting gzip-compressed positional CSV into a 254-column custom table.</description></item><item><title>SentinelOne V2 CCF Connector: UAM GraphQL Alerts Now Visible in Sentinel (Plus Packaging Fix)</title><link>http://sentinelchangelog.net/posts/2026-07-09-pr-14615/</link><pubDate>Thu, 09 Jul 2026 22:44:23 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-07-09-pr-14615/</guid><description>The SentinelOne solution adds a new CCF-based V2 connector ingesting Unified Alert Management (UAM) alerts from the GraphQL API into SentinelOneAlertsV2_CL, closing a blind spot for Wayfinder, cloud, identity, STAR, and third-party detections that the legacy REST connector never surfaced.</description></item><item><title>Untitled</title><link>http://sentinelchangelog.net/posts/2026-07-08-pr-14630/</link><pubDate>Wed, 08 Jul 2026 05:12:41 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-07-08-pr-14630/</guid><description>&lt;p&gt;test&lt;/p&gt;
&lt;h2 id="affected-files"&gt;Affected Files&lt;/h2&gt;
&lt;pre tabindex="0"&gt;&lt;code&gt;.script/tests/KqlvalidationsTests/CustomTables/FrendsAuditLogs_CL.json
DataConnectors/Frends iPaaS/FrendsAuditLogs_CL.json
DataConnectors/Frends iPaaS/FrendsAuditLogs_Sentinel_CCF.json
DataConnectors/Frends iPaaS/README.md
&lt;/code&gt;&lt;/pre&gt;</description></item><item><title>ESET PROTECT Platform: New CCF Connector Adds Native Ingestion for Endpoint Inspect and Cloud Office Security Detections</title><link>http://sentinelchangelog.net/posts/2026-07-02-pr-14614/</link><pubDate>Thu, 02 Jul 2026 19:58:40 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-07-02-pr-14614/</guid><description>A new Codeless Connector Framework connector and updated parser extend ESET PROTECT Platform coverage to three log streams while maintaining backward compatibility with the legacy Function App connector.</description></item><item><title>AI Agents Hunting Queries Migrated to Unified AgentsInfo Table -- Connector-Split Queries Retired</title><link>http://sentinelchangelog.net/posts/2026-07-02-pr-14594/</link><pubDate>Thu, 02 Jul 2026 10:38:59 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-07-02-pr-14594/</guid><description>Seven consolidated AI agent hunting queries now target the unified Defender XDR AgentsInfo table, replacing 26 connector-specific queries split across the A365 and Copilot Studio connectors; existing deployments still running the old AIAgentsInfo-based queries have had no effective hunting coverage since the table split was introduced.</description></item><item><title>New Solution: Vaikora for O365 Brings CTASD-Powered Phishing Quarantine Telemetry into Microsoft Sentinel</title><link>http://sentinelchangelog.net/posts/2026-06-25-pr-14289/</link><pubDate>Thu, 25 Jun 2026 11:56:08 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-25-pr-14289/</guid><description>A brand-new Sentinel solution for Vaikora for O365 (by Data443) adds three Analytic Rules over the VaikoraO365_Quarantine_CL custom table &amp;ndash; covering high-confidence phishing/suspected quarantine events, abnormal quarantine volume spikes, and engine-offline detection &amp;ndash; plus an incident-response Playbook and a quarantine dashboard Workbook.</description></item><item><title>Darktrace CCF Connector: Account Entity Mapping Added to Analytic Rules, Closing SaaS Identity Correlation Gap</title><link>http://sentinelchangelog.net/posts/2026-06-25-pr-14546/</link><pubDate>Thu, 25 Jun 2026 11:35:07 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-25-pr-14546/</guid><description>Two Darktrace Analytic Rules now map user account names as Account entities for SaaS/identity-based incidents, and the DarktraceIncidents_CL table gains a modelBreaches field exposing the full chain of associated model alerts &amp;ndash; data that was previously absent from incident context.</description></item><item><title>Cybersixgill Actionable Alerts: CCF Connector Added with Unified Parser Bridging Legacy and New Tables</title><link>http://sentinelchangelog.net/posts/2026-06-25-pr-14524/</link><pubDate>Thu, 25 Jun 2026 11:34:30 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-25-pr-14524/</guid><description>The Cybersixgill Actionable Alerts solution adds a new CCF-based data connector alongside a unified parser that abstracts both the legacy Azure Function table (CyberSixgill_Alerts_CL) and the new CCF table (CyberSixgillAlertsV2_CL), ensuring hunting queries and workbooks continue working regardless of which connector is deployed.</description></item><item><title>iboss Solution 3.1.3: New Malware and C2 Analytic Rules for Web Gateway Telemetry</title><link>http://sentinelchangelog.net/posts/2026-06-25-pr-14525/</link><pubDate>Thu, 25 Jun 2026 06:26:43 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-25-pr-14525/</guid><description>iboss Solution 3.1.3 ships two new Scheduled Analytic Rules that surface malware detections and C2 communications flagged by the iboss gateway, closing a detection gap for organizations relying solely on raw CommonSecurityLog ingestion.</description></item><item><title>New ASIM WebSession Parser Brings AWS WAF Traffic into Normalized Detection Coverage</title><link>http://sentinelchangelog.net/posts/2026-06-22-pr-14496/</link><pubDate>Mon, 22 Jun 2026 21:57:23 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-22-pr-14496/</guid><description>AWS WAF web session logs can now be ingested and normalized via the ASIM WebSession schema, enabling source-agnostic detections against WAF allow/block/challenge/captcha decisions from the AWSWAF table.</description></item><item><title>CrowdStrike Falcon AlertEvent ASIM Parser: Falcon Detections Now Normalised into Unified Alert Schema</title><link>http://sentinelchangelog.net/posts/2026-06-19-pr-14488/</link><pubDate>Fri, 19 Jun 2026 23:45:23 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-19-pr-14488/</guid><description>A new ASIM AlertEvent parser for CrowdStrike Falcon ingested via CCF normalises detection data from the CrowdStrikeDetections table into the ASIM AlertEvent schema, enabling source-agnostic detection and hunting queries across EDR alert data.</description></item><item><title>Microsoft Defender XDR: OAuth and Device-Code Phishing Hunting Queries Unblocked After ARM-TTK Pipeline Failure</title><link>http://sentinelchangelog.net/posts/2026-06-18-pr-14472/</link><pubDate>Thu, 18 Jun 2026 05:58:50 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-18-pr-14472/</guid><description>Two Defender XDR hunting queries targeting OAuth consent and device-code phishing were blocked from pipeline validation due to ARM-TTK hardcoded URI false positives; KQL refactored to construct URLs via strcat(), restoring deployment and preserving detection semantics.</description></item><item><title>Netskope Security Cloud Joins ASIM AlertEvent Schema â Threats Now Normalised from NetskopeAlerts_CL</title><link>http://sentinelchangelog.net/posts/2026-06-17-pr-14493/</link><pubDate>Wed, 17 Jun 2026 18:29:45 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-17-pr-14493/</guid><description>A new ASIM AlertEvent parser for Netskope Security Cloud normalises DLP, malware, C2, IPS, compromised credential, UBA, and policy alerts from the NetskopeAlerts_CL table into the standard AlertEvent schema, enabling source-agnostic detections and hunting across Netskope data.</description></item><item><title>ASIM Parser CI Workflows Fixed: File-Not-Found Errors Were Silently Skipping All Parser Tests</title><link>http://sentinelchangelog.net/posts/2026-06-16-pr-14499/</link><pubDate>Tue, 16 Jun 2026 22:44:02 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-16-pr-14499/</guid><description>The ASIM parser schema and data ingestion test workflows were failing to read parser YAML and sample data files at runtime due to broken URL-based file access; this fix switches to local filesystem reads, restoring test coverage for all modified ASIM parsers.</description></item><item><title>ASIM Template Validation: Reliability Fix for Flaky Test Results and Performance Optimization</title><link>http://sentinelchangelog.net/posts/2026-06-12-pr-14469/</link><pubDate>Fri, 12 Jun 2026 20:19:55 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-12-pr-14469/</guid><description>ASIM parser validation workflow updated to use local repository files instead of raw GitHub URLs, fixing malformed URL issues causing test failures.</description></item><item><title>ASIM Validator Infrastructure: Schema Testing Migrated to Remote Download Pattern</title><link>http://sentinelchangelog.net/posts/2026-06-12-pr-14473/</link><pubDate>Fri, 12 Jun 2026 19:59:54 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-12-pr-14473/</guid><description>ASIM parser validation tooling updated to download ASimSchemaTester from GitHub instead of using hardcoded inline function.</description></item><item><title>UniFi Site Manager: New CCF Solution Adds Network Infrastructure Monitoring and Attack Surface Coverage</title><link>http://sentinelchangelog.net/posts/2026-06-12-pr-14253/</link><pubDate>Fri, 12 Jun 2026 10:15:11 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-12-pr-14253/</guid><description>Community solution deploys 21 detections for UniFi network security posture, ISP performance degradation, and infrastructure defense evasion tactics.</description></item><item><title>Utimaco ESKM Integration: Enterprise Key Management Monitoring Arrives in Sentinel</title><link>http://sentinelchangelog.net/posts/2026-06-12-pr-14306/</link><pubDate>Fri, 12 Jun 2026 07:51:50 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-12-pr-14306/</guid><description>New solution enables Microsoft Sentinel monitoring of Utimaco Enterprise Secure Key Manager KMIP operations and authentication events.</description></item><item><title>Akamai Guardicore v3.1.0: Function App Eliminated, CCF Migration Simplifies Microsegmentation Monitoring</title><link>http://sentinelchangelog.net/posts/2026-06-12-pr-14225/</link><pubDate>Fri, 12 Jun 2026 07:01:44 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-12-pr-14225/</guid><description>Akamai Guardicore connector migrates from Azure Functions to Codeless Connector Framework, removing infrastructure overhead while preserving microsegmentation visibility.</description></item><item><title>Google SecOps Integration: New Detection Pipeline Connects Chronicle to Sentinel</title><link>http://sentinelchangelog.net/posts/2026-06-12-pr-14200/</link><pubDate>Fri, 12 Jun 2026 07:00:27 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-12-pr-14200/</guid><description>Microsoft Sentinel gains visibility into Google Chronicle security detections through new connector and parsers.</description></item><item><title>Field Effect MDR Integration: New CCF Connector Delivers Cloud-Based Threat Detection</title><link>http://sentinelchangelog.net/posts/2026-06-11-pr-14046/</link><pubDate>Thu, 11 Jun 2026 08:21:17 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-11-pr-14046/</guid><description>Field Effect MDR solution adds Microsoft Sentinel ingestion for ARO (Automated Response Operations) alerts via CCF, expanding managed detection coverage.</description></item><item><title>Solutions Analyzer v9.8: Connector Discovery Accuracy and Documentation Deep-Links</title><link>http://sentinelchangelog.net/posts/2026-06-10-pr-14425/</link><pubDate>Wed, 10 Jun 2026 03:39:39 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-10-pr-14425/</guid><description>Enhanced Solutions Analyzer tooling improves connector discovery accuracy and adds artifact deep-linking for external integrations.</description></item><item><title>ASIM Parser Testing: Bitdefender GravityZone Validation Conflict Resolved</title><link>http://sentinelchangelog.net/posts/2026-06-08-pr-14411/</link><pubDate>Mon, 08 Jun 2026 21:41:50 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-08-pr-14411/</guid><description>Removes duplicate CustomFunction test shim causing KQL validation failures after parser merge.</description></item><item><title>Lookout Connector: Critical Data Loss Fix for Mobile Threat Event Identifiers</title><link>http://sentinelchangelog.net/posts/2026-06-05-pr-14286/</link><pubDate>Fri, 05 Jun 2026 10:14:45 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-05-pr-14286/</guid><description>Lookout Mobile Risk API v2 connector was silently dropping unique event identifiers (oid field), breaking all downstream correlation in detections and workbooks.</description></item><item><title>Filewall for Microsoft 365: New Solution Adds Data Exfiltration Detection for Exchange and Files</title><link>http://sentinelchangelog.net/posts/2026-06-04-pr-13449/</link><pubDate>Thu, 04 Jun 2026 10:47:14 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-04-pr-13449/</guid><description>Complete CCF-based solution delivers real-time monitoring of blocked emails and files across Microsoft 365 services with immediate threat alerting.</description></item><item><title>Cisco Umbrella CCF: Public Preview Expands Data Visibility with 10 New Log Tables</title><link>http://sentinelchangelog.net/posts/2026-06-01-pr-14378/</link><pubDate>Mon, 01 Jun 2026 14:34:58 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-06-01-pr-14378/</guid><description>New Codeless Connector Framework introduces comprehensive log coverage across DNS, web traffic, cloud firewall, admin audit, DLP, file events, IPS, VPN and Zero Trust access for enhanced threat detection.</description></item><item><title>ASIM Parser Development Automation: GitHub Copilot Skills for Accelerated Detection Engineering</title><link>http://sentinelchangelog.net/posts/2026-05-29-pr-14383/</link><pubDate>Fri, 29 May 2026 23:39:29 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-29-pr-14383/</guid><description>GitHub Copilot agent skills now automate the complete ASIM parser creation workflow, reducing parser development time from days to hours for security engineers.</description></item><item><title>42Crunch API Protection: Critical Migration from Legacy HTTP Collector to CCF Push Connector</title><link>http://sentinelchangelog.net/posts/2026-05-29-pr-14210/</link><pubDate>Fri, 29 May 2026 16:38:05 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-29-pr-14210/</guid><description>Migration addresses deprecated HTTP Data Collector API by implementing CCF OAuth2/Entra ID ingestion — deployments on legacy connector face imminent data loss.</description></item><item><title>Bitdefender GravityZone Solution v3.0.1 Adds Incident Analytics for Endpoint and Email Protection</title><link>http://sentinelchangelog.net/posts/2026-05-28-pr-13299/</link><pubDate>Thu, 28 May 2026 05:19:38 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-28-pr-13299/</guid><description>Complete Microsoft Sentinel solution integrating Bitdefender GravityZone multi-vector threat detection with DCR-based ingestion and XDR correlation.</description></item><item><title>ASIM AlertEvent Support Added for Bitdefender GravityZone Security Platform</title><link>http://sentinelchangelog.net/posts/2026-05-28-pr-13330/</link><pubDate>Thu, 28 May 2026 05:16:16 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-28-pr-13330/</guid><description>New parsers enable normalization of Bitdefender GravityZone alert data into Microsoft Sentinel ASIM schema for unified threat detection.</description></item><item><title>BitSight: Function App to CCF Migration Restores Third-Party Risk Visibility</title><link>http://sentinelchangelog.net/posts/2026-05-27-pr-14356/</link><pubDate>Wed, 27 May 2026 19:04:26 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-27-pr-14356/</guid><description>Legacy Function App connector replaced with two CCF connectors for independent security statistics and events ingestion.</description></item><item><title>GitHub Actions Security: npm Scripts Disabled and Workflow Permissions Tightened</title><link>http://sentinelchangelog.net/posts/2026-05-27-pr-14324/</link><pubDate>Wed, 27 May 2026 06:10:29 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-27-pr-14324/</guid><description>CI hardening prevents npm lifecycle script execution and restricts slash-command dispatch to authorized repository members only.</description></item><item><title>ASIM AssetEntity Schema: Three New Fields Added in v1.0.0 Release</title><link>http://sentinelchangelog.net/posts/2026-05-26-pr-14312/</link><pubDate>Tue, 26 May 2026 08:18:37 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-26-pr-14312/</guid><description>ASIM AssetEntity schema upgraded to v1.0.0 with three new fields for enhanced entity correlation and snapshot tracking.</description></item><item><title>AWS Content Quality Overhaul: Standardized Detection Rules and Improved Entity Mappings</title><link>http://sentinelchangelog.net/posts/2026-05-18-pr-14101/</link><pubDate>Mon, 18 May 2026 07:30:57 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-18-pr-14101/</guid><description>Comprehensive quality improvements to 61 AWS Analytic Rules and 35 Hunting Queries with standardized naming conventions, normalized MITRE technique mappings, and updated entity field references from legacy AccountCustomEntity to UserIdentityUserName.</description></item><item><title>Microsoft Entra ID Table Rename: Hunting Queries Updated for Current Schema</title><link>http://sentinelchangelog.net/posts/2026-05-18-pr-14186/</link><pubDate>Mon, 18 May 2026 05:36:36 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-18-pr-14186/</guid><description>12 hunting queries updated to use EntraIdSignInEvents and EntraIdSpnSignInEvents tables, replacing deprecated AADSignInEventsBeta and AADSpnSignInEventsBeta references.</description></item><item><title>Red Sift Solution: New CCF Data Connector and Email Security Detections</title><link>http://sentinelchangelog.net/posts/2026-05-14-pr-14036/</link><pubDate>Thu, 14 May 2026 10:01:32 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-14-pr-14036/</guid><description>Red Sift adds CCF-based email and authentication monitoring with 5 detection rules for phishing and account compromise scenarios.</description></item><item><title>Microsoft Entra ID Protection: Enhanced Detection Logic Filters Out Admin Risk Events</title><link>http://sentinelchangelog.net/posts/2026-05-12-pr-14108/</link><pubDate>Tue, 12 May 2026 08:58:14 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-12-pr-14108/</guid><description>Updated CorrelateIPC_Unfamiliar-Atypical rule adds filtering to exclude admin-triggered atypical travel alerts, improving detection precision.</description></item><item><title>GitHub Actions Security: Fork PR Workflow Hardened Against Supply Chain Attacks</title><link>http://sentinelchangelog.net/posts/2026-05-06-pr-14220/</link><pubDate>Wed, 06 May 2026 13:23:44 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-06-pr-14220/</guid><description>CI/CD security enhancement prevents automatic execution of untrusted fork code by implementing strict SafeToRun label gating.</description></item><item><title>Salesforce Service Cloud Connector: Enhanced Event Log Coverage and Multi-Domain Support</title><link>http://sentinelchangelog.net/posts/2026-05-04-pr-14180/</link><pubDate>Mon, 04 May 2026 19:12:27 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-05-04-pr-14180/</guid><description>Major connector upgrade introduces comprehensive event field collection and multi-tenant monitoring capabilities.</description></item><item><title>GitHub Webhook V2 Connector: CLv2 Migration Ensures Continued GitHub Advanced Security Ingestion</title><link>http://sentinelchangelog.net/posts/2026-04-27-pr-14111/</link><pubDate>Mon, 27 Apr 2026 15:15:18 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-27-pr-14111/</guid><description>New CLv2-based GitHub Webhook connector replaces deprecated CLv1 API to maintain ingestion of code scanning, Dependabot, and secret scanning alerts.</description></item><item><title>Vaikora Solution: New AI Agent Governance Connector for Microsoft Sentinel</title><link>http://sentinelchangelog.net/posts/2026-04-27-pr-13983/</link><pubDate>Mon, 27 Apr 2026 06:25:41 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-27-pr-13983/</guid><description>New CCF connector ingests Vaikora AI agent behavioral signals with 3 detection rules for policy violations, anomalies, and high-risk actions.</description></item><item><title>ASIM Agent Event Schema: New Normalization Framework for Security Agent Monitoring</title><link>http://sentinelchangelog.net/posts/2026-04-24-pr-14086/</link><pubDate>Fri, 24 Apr 2026 22:19:31 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-24-pr-14086/</guid><description>Microsoft Sentinel gains ASIM Agent Event schema for normalizing security agent events across all vendor platforms.</description></item><item><title>Valimail Enforce Solution: New Email Authentication Monitoring for DMARC/SPF/DKIM Configuration Changes</title><link>http://sentinelchangelog.net/posts/2026-04-24-pr-14045/</link><pubDate>Fri, 24 Apr 2026 05:26:39 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-24-pr-14045/</guid><description>Complete Valimail Enforce monitoring solution delivers real-time detection of email authentication policy weakening and suspicious admin activity affecting domain security posture.</description></item><item><title>Halcyon Anti-Ransomware: Connector Overhaul from ASIM to OCSF Schema Architecture</title><link>http://sentinelchangelog.net/posts/2026-04-23-pr-13928/</link><pubDate>Thu, 23 Apr 2026 06:33:39 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-23-pr-13928/</guid><description>Halcyon connector migrated from direct ASIM ingestion to OCSF schema with ASIM transformation parsers, replacing 5 custom tables with unified HalcyonEvents_CL table.</description></item><item><title>SOCRadar XTI Platform: New Extended Threat Intelligence Solution Launches with Bidirectional Sync</title><link>http://sentinelchangelog.net/posts/2026-04-23-pr-13858/</link><pubDate>Thu, 23 Apr 2026 05:24:37 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-23-pr-13858/</guid><description>SOCRadar XTI Platform solution now available in Content Hub with automated alarm import, incident sync, and comprehensive threat intelligence monitoring capabilities.</description></item><item><title>SAP ETD Cloud: User Account Correlation Now Available After Data Collection Gap</title><link>http://sentinelchangelog.net/posts/2026-04-21-pr-14089/</link><pubDate>Tue, 21 Apr 2026 07:43:46 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-21-pr-14089/</guid><description>SAP ETD alerts now surface user account names and email addresses for incident correlation, filling a critical entity mapping gap that prevented effective identity-based investigations.</description></item><item><title>D3 Smart SOAR: New Detection for High/Critical Severity Incidents</title><link>http://sentinelchangelog.net/posts/2026-04-16-pr-14060/</link><pubDate>Thu, 16 Apr 2026 04:54:16 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-16-pr-14060/</guid><description>D3 Smart SOAR solution now includes an Analytic Rule to automatically detect and escalate High or Critical severity incidents from SOAR platform data.</description></item><item><title>Contrast ADR: CCF Connector Deployment Unlocks Application Attack Visibility</title><link>http://sentinelchangelog.net/posts/2026-04-15-pr-13954/</link><pubDate>Wed, 15 Apr 2026 04:58:02 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-15-pr-13954/</guid><description>Contrast ADR adds CCF ingestion support with standardized table schemas for production-ready Application Detection and Response monitoring.</description></item><item><title>Tanium CCF Data Connector: Enhanced Endpoint Visibility with DCR-Based Ingestion</title><link>http://sentinelchangelog.net/posts/2026-04-13-pr-13958/</link><pubDate>Mon, 13 Apr 2026 12:24:43 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-13-pr-13958/</guid><description>New CCF push connector for Tanium enables endpoint compliance, threat response, and patch data ingestion via DCR streams.</description></item><item><title>Palo Alto GlobalProtect: New ASIM Authentication Parser for VPN Monitoring</title><link>http://sentinelchangelog.net/posts/2026-04-09-pr-14012/</link><pubDate>Thu, 09 Apr 2026 16:00:52 +0000</pubDate><guid>http://sentinelchangelog.net/posts/2026-04-09-pr-14012/</guid><description>New ASIM parser normalizes GlobalProtect VPN authentication events from CommonSecurityLog table, enabling unified monitoring of gateway and portal authentication across Palo Alto PAN-OS deployments.</description></item></channel></rss>