Zoom Connector GA Release: Enhanced Data Ingestion with New Table Schema

ZoomReports CCF connector transitions to GA with parser supporting dual-table ingestion and expanded field coverage. Read More →

Okta Detection Rule: Fixed Blind Spot After Connector Migration to OktaV2_CL

Critical Okta detection was broken after connector migration — now uses OktaSSO parser to restore session impersonation monitoring. Read More →

Seraphic Web Security: Upgraded to v3.0.0 Content Schema with Enhanced Polling

Seraphic Web Security solution upgraded to v3.0.0 schema with polling v3.0, health checks, and corrected connectivity criteria. Read More →

Salesforce Service Cloud Connector: Enhanced Event Coverage and OAuth2 Support

Salesforce connector v3.1.0 adds comprehensive Event Log File coverage and OAuth2 username-password authentication for improved deployment flexibility. Read More →

GitHub Webhook V2 Connector: CLv2 Migration Ensures Continued GitHub Advanced Security Ingestion

New CLv2-based GitHub Webhook connector replaces deprecated CLv1 API to maintain ingestion of code scanning, Dependabot, and secret scanning alerts. Read More →

Bitdefender GravityZone: New Push-Based Security Data Connector for Sentinel

New GravityZone solution brings enterprise endpoint threat data directly to Sentinel via DCR-based push ingestion without bundled detections. Read More →

Lookout Connector: Critical ARM Template Fix Restores Mobile Threat Data Ingestion

Fixed bracket escaping bug in ARM template that caused complete Lookout connector deployment failure. Read More →

Vaikora Solution: New AI Agent Governance Connector for Microsoft Sentinel

New CCF connector ingests Vaikora AI agent behavioral signals with 3 detection rules for policy violations, anomalies, and high-risk actions. Read More →

AWS ELB Solution Moves to General Availability

AWS Elastic Load Balancer solution transitions from Public Preview to GA status, confirming production readiness for ALB/NLB access log monitoring. Read More →

Lookout Solution: Version 3.0.3 Certification Resubmission

Version bump from 3.0.2 to 3.0.3 for certification resubmission with ARM template parameter fix. Read More →

Valimail Enforce Solution: New Email Authentication Monitoring for DMARC/SPF/DKIM Configuration Changes

Complete Valimail Enforce monitoring solution delivers real-time detection of email authentication policy weakening and suspicious admin activity affecting domain security posture. Read More →

Halcyon Anti-Ransomware: Connector Overhaul from ASIM to OCSF Schema Architecture

Halcyon connector migrated from direct ASIM ingestion to OCSF schema with ASIM transformation parsers, replacing 5 custom tables with unified HalcyonEvents_CL table. Read More →

SOCRadar XTI Platform: New Extended Threat Intelligence Solution Launches with Bidirectional Sync

SOCRadar XTI Platform solution now available in Content Hub with automated alarm import, incident sync, and comprehensive threat intelligence monitoring capabilities. Read More →

BitSight Solution: Packaging Fix Resolves Content Hub Republishing Failure

BitSight solution package updated to v3.1.1 fixing a solution ID issue that prevented proper republishing to Microsoft Sentinel Content Hub. Read More →

Cyjax Threat Intelligence Platform: Complete Solution for IOC Ingestion and Investigation

New comprehensive Microsoft Sentinel integration adds automated IOC collection, incident enrichment, and interactive threat intelligence dashboards for the Cyjax platform. Read More →

Lookout Connector: ARM Template Fix Prevents Deployment Location Errors

Fixed workspace-location defaultValue in Lookout solution ARM template to prevent deployment failures when location parameter is unset. Read More →

Visa Threat Intelligence: Package Publishing Fix for Content Hub Deployment

Resolved package publishing failure by adding missing connector information to UI definition file. Read More →

ExtraHop RevealX Connector: Function App Package Reverted to Address Customer Issues

ExtraHop connector reverted to previous function app package to resolve customer-facing deployment issues affecting data ingestion. Read More →

Recorded Future Identity: Prepares for Microsoft Defender Portal Migration by Deprecating Legacy Incident Creation

Recorded Future Identity solution deprecates Logic Apps-based incident creation and introduces Analytic Rules for Microsoft Defender Portal compatibility. Read More →

SAP ETD Cloud: User Account Correlation Now Available After Data Collection Gap

SAP ETD alerts now surface user account names and email addresses for incident correlation, filling a critical entity mapping gap that prevented effective identity-based investigations. Read More →