Checkmarx SAST Ingestion Playbook: Static Application Security Testing Integration

New playbook for ingesting Checkmarx SAST scan findings into Microsoft Sentinel via DCR/DCE for application vulnerability tracking. Read More →

TacitRed-CrowdStrike IOC Playbook: Partner Certification Header Compliance

TacitRed-CrowdStrike playbook updated to include required User-Agent header for CrowdStrike Technology Partner certification compliance. Read More →

NetApp Ransomware Resilience: New Automated Incident Response Solution

NetApp introduces modular playbooks for automated ransomware protection, enabling SOC teams to investigate, snapshot, and isolate compromised storage volumes via Microsoft Sentinel integration. Read More →

AWS Athena Function App: Resolving Extension Bundle Compatibility and Query Result Parsing

AWS Athena Function App connector updated to Azure Functions v4+ bundle and fixed Python query parsing logic that previously failed on empty result data. Read More →

Recorded Future Playbooks: Threat Intelligence Integration Discontinued Due to Microsoft API Deprecation

Microsoft has deprecated the Graph Security tiIndicators API, rendering Recorded Future’s automated threat intelligence ingestion playbooks non-functional. Read More →

TacitRed CrowdStrike Playbook: Authentication Fix for Multi-Region API Endpoints

Fixed hardcoded CrowdStrike API URL default causing authentication failures for customers in US-1 and EU-1 regions. Read More →

TacitRed SentinelOne Playbook: Critical API Fix Restores IOC Automation After HTTP 500 Failures

Fixed broken TacitRed playbook that was failing with HTTP 500 errors when posting IOCs to SentinelOne due to missing account scope parameter. Read More →

Microsoft Sentinel SOAR Playbook: Enhanced User Entity Resolution Prevents Silent Failures

Incident-Trigger-Entity-Analyzer playbook upgraded with intelligent user identifier detection, resolving silent failures when entities lack AadUserId. Read More →

TacitRed-SentinelOne v3.0.2: Critical Fix for Broken SentinelOne Connection

Fixes a critical deployment bug present since v1.0.0 where hardcoded placeholder URL caused complete playbook failure for all Content Hub installations. Read More →

Zscaler Internet Access: Major Platform Modernization with CloudNSS CCP Connectors

Complete solution overhaul replaces legacy connectors with 15 CloudNSS CCP connectors and 12 OAuth2 playbooks for enhanced Zscaler integration. Read More →

TacitRed CrowdStrike IOC Automation: Critical Deployment Fix and Template Visibility

Fixed InvalidResourceLocation deployment error and missing playbook template discovery for TacitRed CrowdStrike IOC automation solution. Read More →

TacitRed-SentinelOne Solution: Critical Deployment Fix for Content Hub Installation Failures

Fixed InvalidResourceLocation deployment error and removed restrictive domain filter that was preventing TacitRed IOC automation deployments. Read More →

New Solution: TacitRed Defender Threat Intelligence Integration

Official TacitRed Defender TI solution from Data443 enables automated sync of compromised credentials to Microsoft Defender Threat Intelligence. Read More →

TacitRed SentinelOne Solution: Partner Center Metadata Alignment and Template Fixes

TacitRed SentinelOne solution metadata updated for Partner Center alignment with ARM template variable corrections. Read More →

New Solution: JoeSandbox Threat Intelligence and Malware Analysis Platform Integration

Complete JoeSandbox solution deployment enabling automated malware analysis, threat intelligence feed ingestion, and incident enrichment playbooks for Microsoft Sentinel. Read More →

New Cyble Vision Threat Intelligence Solution: Comprehensive CCF-Based Alert Platform

Massive new Cyble Vision solution providing 40+ specialized detection rules and parsers for diverse threat intelligence feeds from dark web to cloud security. Read More →

Microsoft Entra ID Playbooks: API Permission Updates for Session Revocation

Updates Revoke-AADSignInSessions playbook documentation to use correct User.RevokeSessions.All permissions instead of broader User.ReadWrite.All. Read More →

SentinelSOARessentials: New Entity Analyzer Playbooks for Incident Response

Three new entity analyzer playbooks added with HTTP, URL, and incident triggers for automated URL and user entity enrichment. Read More →

AbuseIPDB Playbooks: Typo Fixes and Logo Source Update

Minor documentation and configuration fixes for AbuseIPDB playbooks including corrected image source and typo corrections. Read More →

NCSC-NL Threat Intelligence Sharing: Playbook Bug Fixes and JSON Structure Improvements

Dutch National Detection Network threat intelligence sharing solution updated to v3.0.1 with playbook parameter fixes and improved JSON structure. Read More →