Vaikora Solution: New AI Agent Governance Connector for Microsoft Sentinel
New CCF connector ingests Vaikora AI agent behavioral signals with 3 detection rules for policy violations, anomalies, and high-risk actions. Read More →
New CCF connector ingests Vaikora AI agent behavioral signals with 3 detection rules for policy violations, anomalies, and high-risk actions. Read More →
Microsoft Sentinel gains ASIM Agent Event schema for normalizing security agent events across all vendor platforms. Read More →
Complete Valimail Enforce monitoring solution delivers real-time detection of email authentication policy weakening and suspicious admin activity affecting domain security posture. Read More →
Halcyon connector migrated from direct ASIM ingestion to OCSF schema with ASIM transformation parsers, replacing 5 custom tables with unified HalcyonEvents_CL table. Read More →
SOCRadar XTI Platform solution now available in Content Hub with automated alarm import, incident sync, and comprehensive threat intelligence monitoring capabilities. Read More →
SAP ETD alerts now surface user account names and email addresses for incident correlation, filling a critical entity mapping gap that prevented effective identity-based investigations. Read More →
D3 Smart SOAR solution now includes an Analytic Rule to automatically detect and escalate High or Critical severity incidents from SOAR platform data. Read More →
Contrast ADR adds CCF ingestion support with standardized table schemas for production-ready Application Detection and Response monitoring. Read More →
New CCF push connector for Tanium enables endpoint compliance, threat response, and patch data ingestion via DCR streams. Read More →
New ASIM parser normalizes GlobalProtect VPN authentication events from CommonSecurityLog table, enabling unified monitoring of gateway and portal authentication across Palo Alto PAN-OS deployments. Read More →
Four ASIM schemas missing from KQL validation pipeline now included, preventing unvalidated parser deployments. Read More →
SOC Prime solution adds Analytic Rules detecting platform administration events including tenant deletion and successful logins from malicious IPs. Read More →
New ASIM parser normalizes VMware vCenter authentication events from syslog streams to enable detection coverage across vSphere environments. Read More →
ASIM authentication parser for Cisco IOS enables normalized monitoring of login, logout, and failed authentication events from network infrastructure devices. Read More →
New Netskope solution adds 10 detections for web transaction monitoring including impossible travel, excessive downloads, shadow IT detection, and data exfiltration patterns. Read More →
Detection authoring guidelines now require validation of connectorId values against the official repository allowlist to prevent invalid connector references. Read More →
Imperva Cloud WAF CCF connector migrates from private preview custom tables to public preview standard tables. Read More →
New analytic rules target jailbreak attempts, external access, plugin tampering, and file upload disabling - covering major AI security attack vectors. Read More →
blacklens.io Attack Surface Management platform now available in Content Hub with webhook-based alert ingestion and automated incident creation. Read More →
New ASIM parser adds web session visibility for Cisco Umbrella proxy logs, normalizing HTTP/HTTPS traffic data to standard schema. Read More →