Box Connector: Critical Security Fix for HTTP Decompression Vulnerabilities
Box connector urllib3 dependency updated to address two high-severity CVEs causing potential DoS attacks. Read More →
Box connector urllib3 dependency updated to address two high-severity CVEs causing potential DoS attacks. Read More →
Updated Infoblox NIOS parsers exclude additional administrative log categories to improve signal-to-noise ratio. Read More →
Intel471 solution now supports the new Verity471 backend alongside Titan for ingesting malware threat indicators. Read More →
Massive new Cyble Vision solution providing 40+ specialized detection rules and parsers for diverse threat intelligence feeds from dark web to cloud security. Read More →
Two GCP IAM analytic rules had syntax errors preventing proper detection of token generation and key enumeration attacks. Read More →
New compliance monitoring solution provides IT systems change tracking and segregation of duties controls for Sarbanes-Oxley compliance programs. Read More →
Dependency update from urllib3 1.26.20 to 2.6.0 addresses two high-severity CVEs preventing DoS attacks via decompression bombs and content encoding chains. Read More →
Updated urllib3 dependency to v2.6.0 to address two high-severity CVEs affecting HTTP decompression handling. Read More →
Microsoft Copilot connector fixes critical table reference issue, standardizing on official CopilotActivity table name across all components. Read More →
CCF connector update fixes timestamp extraction, adds configurable API endpoints, and expands log data collection for better event visibility. Read More →
Updates Revoke-AADSignInSessions playbook documentation to use correct User.RevokeSessions.All permissions instead of broader User.ReadWrite.All. Read More →
Corrected field name from incident_id_s to incidentId_s in Contrast EDR detection rule. Read More →
Lookout solution updated to v3.0.1 with parser fixes, comprehensive security dashboards, and enhanced analytic rules. Read More →
Corrected field name parsing errors in SlackAuditV2_CL that were causing channel sharing status and IP context data to return null. Read More →
Two ProofPoint TAP Analytic Rules updated to reference ProofpointTAPv2 connector ID, ensuring compatibility with the newer connector version. Read More →
Field name inconsistencies in Fortigate ASIM parsers corrected to ensure proper schema compliance and data normalization. Read More →
SAP agentless package updated to use Log Analytics v2 API for heartbeats and added audit log user exclusion capabilities. Read More →
Removed time-based query parameters from Proofpoint On-Demand Email Security connector to prevent duplicate data ingestion caused by time rounding overlaps. Read More →
New SOC Prime Platform audit logs data connector added using CCF framework, providing visibility into SOC Prime TDM platform user activities and administrative actions. Read More →
Resolved ARM-TTK validation errors preventing ProofPoint TAP solution deployment. Read More →