Dynatrace Solution: DCR Migration Introduces v2 Connectors for All Data Sources

All Dynatrace connectors migrated to DCR-based CCF architecture with dual-version parser support for seamless transitions. Read More →

Upwind Solution: Publisher ID Update for Content Hub Validation

Updated publisher ID in Upwind solution metadata to comply with Content Hub deployment requirements. Read More →

Proofpoint POD Connector: Critical Time Parameter Fix to Prevent Data Gaps

Proofpoint POD connector updated to include sinceTime parameter configuration, addressing potential data collection gaps during initial ingestion windows. Read More →

Recorded Future Sandbox: Enhanced Region Support and Improved Threat Intelligence Structure

Recorded Future adds sandbox region configuration parameter and moves threat intelligence evidence details to comply with STIX standard structure. Read More →

Censys Solution: New Related Infrastructure Playbook Enhances Threat Pivot Capabilities

Censys solution adds playbook and workbook for automated infrastructure pivoting and pivot analysis visualization using the Pivot Analysis API. Read More →

Global Secure Access: Threat Intelligence Detection Restored After URL Regex Failure

Fixed broken URL threat intelligence detection and expanded workbook coverage for new Entra traffic type. Read More →

Blacklens Connector: Logic App Deployment Failure Fixed

Removes unsupported secureData configuration preventing Blacklens ASM connector deployments from completing successfully. Read More →

SAP: Agentless Integration Package v1.1.10 with Security Enhancements

SAP agentless solution updated to version 1.1.10 with security and usability improvements, plus official release status designation. Read More →

SAP: New Agentless User Blocking Playbook for Defender XDR Integration

New SAP playbook enables automated user blocking via Teams adaptive cards with enhanced support for complex multi-alert incidents from Microsoft Defender XDR. Read More →

D3 Smart SOAR: New Detection for High/Critical Severity Incidents

D3 Smart SOAR solution now includes an Analytic Rule to automatically detect and escalate High or Critical severity incidents from SOAR platform data. Read More →

Check Point Cyberint: Bi-Directional Alert Sync and Critical Data Ingestion Fix

Adds comprehensive bi-directional sync playbooks and fixes critical ref_id column type bug that caused silent data loss in alert ingestion. Read More →

Contrast ADR: CCF Connector Deployment Unlocks Application Attack Visibility

Contrast ADR adds CCF ingestion support with standardized table schemas for production-ready Application Detection and Response monitoring. Read More →

Four Legacy Azure Function Connectors Marked for Deprecation - Migration to CCF Required

Microsoft has deprecated Azure Function-based connectors for Okta SSO, SentinelOne, Sophos Endpoint Protection, and VMware Carbon Black Cloud in favor of CCF alternatives. Read More →

Function App Connectors Deprecated: Four Solutions Migrate to CCF Framework

Legacy Azure Function connectors for Atlassian Jira, Auth0, Box, and CrowdStrike are now deprecated as solutions transition to the modern CCF architecture. Read More →

Microsoft Entra ID Conditional Access Bypass Detection: False Positive Reduction via Benign Status Code Watchlist

New watchlist filters out 7 known-benign status codes from Conditional Access bypass detection to reduce false positives from legitimate MFA prompts and session expiration events. Read More →

meshStack Solution: Publisher ID Alignment for Content Hub Certification

meshStack solution updated publisher ID to match Partner Center configuration, ensuring compliance with Microsoft certification requirements. Read More →

BeyondTrust PM Cloud: Critical Data Ingestion Fix Restores Partial Event Visibility

A batching bug in the BeyondTrust PM Cloud connector was causing 413 errors and incomplete endpoint security event ingestion when payload sizes exceeded Log Analytics limits. Read More →

Azure Security Benchmark Workbook: Parameter Filtering Logic Fixed

KQL queries in the Azure Security Benchmark workbook now properly filter by selected compliance domains. Read More →

Tanium CCF Data Connector: Enhanced Endpoint Visibility with DCR-Based Ingestion

New CCF push connector for Tanium enables endpoint compliance, threat response, and patch data ingestion via DCR streams. Read More →

Microsoft Entra ID: Account Creation/Deletion Detection Enhanced Against Timing Evasion

Critical improvements to AccountCreatedandDeletedinShortTimeframe rule extend detection window to 7 days and use immutable UserID correlation to prevent timing-based evasion techniques. Read More →