SentinelSOARessentials: New Entity Analyzer Playbooks for Incident Response

Three new entity analyzer playbooks added with HTTP, URL, and incident triggers for automated URL and user entity enrichment. Read More →

Cyera DSPM Solution: Marketplace Preparation and Configuration Updates

Marketplace preparation updates including publisher ID changes, logo corrections, and DCR configuration fixes for Cyera DSPM solution. Read More →

Corelight Network Monitoring: Six New Aggregation Parsers for Enhanced Analytics

Added six new aggregation parsers for Corelight sensor data including DNS, HTTP, files, connections, SSL, and weird events with improved CIM mapping. Read More →

AbuseIPDB Playbooks: Typo Fixes and Logo Source Update

Minor documentation and configuration fixes for AbuseIPDB playbooks including corrected image source and typo corrections. Read More →

GDPR Workbook: Expanded Asset Coverage Beyond On-Prem Hosts

GDPR compliance workbook now monitors security alerts across Azure, AWS, GCP, and blob storage assets, not just traditional servers. Read More →

Critical Cloudflare Analytics Rules: Enhanced URL Entity Mapping and Repository Maintenance

P0-labeled update improves URL entity mapping in Cloudflare detection rules alongside extensive repository maintenance and validation improvements. Read More →

Cisco Umbrella Connector: Schema v14 Compatibility and Documentation Updates

Updates Cisco Umbrella Function App connectors to support log schema version 14 with enhanced workspace key documentation. Read More →

ZeroFox CCF Connector: KQL Query Restoration and Multi-Solution Maintenance

ZeroFox CCF connector receives missing KQL query fixes alongside packaging updates across 8+ solutions. Read More →

Google Threat Intelligence: Enhanced Threat Hunting with MITRE ATT&CK Integration

Updated threat hunting rules add MITRE ATT&CK mappings and fix parser function calls for improved threat detection coverage. Read More →

Authomize Connector: Critical requests Library CVE-2024-47081 Security Fix

Authomize connector dependency updated to address credential leakage vulnerability in requests library. Read More →

Cisco Umbrella: Enhanced Data Fidelity with Log Format v13-v14 Support

Added support for Cisco Secure log formats v13-v14, exposing AI model tracking and event correlation fields for improved threat context. Read More →

Microsoft Defender XDR Workbook Version 3: Enhanced Visualizations and Insights

Updated Microsoft Defender for Office 365 workbook to version 3 with new visuals and improved insights based on user feedback. Read More →

ZeroFox Connector: Fixing Stream Naming Inconsistency Breaking Alert Ingestion

Stream name mismatch between DCR and connector config prevented ZeroFox threat alerts from reaching Sentinel workspaces. Read More →

Open Systems Solution: Logo Update and Contact Email Correction

Marketplace certification fixes for Open Systems solution — updated SVG logo path and corrected contact email address for Azure Marketplace deployment. Read More →

Fortinet FortiNDR Cloud: Security Update Addresses Python Requests CVE-2024-47081

Critical security update patches CVE-2024-47081 netrc credential leak vulnerability in Python requests library. Read More →

ContrastADR Solution: Parser Logic Enhancement and Workbook Fixes

ContrastADR parsers updated with column_ifexists logic for improved error handling and workbook template fixes. Read More →

GitHub Enterprise Connector: Improved API URL Configuration Guidance

Enhanced connector definition for GitHub Enterprise audit logs with clearer API URL field labels and format examples to reduce customer configuration errors. Read More →

Palo Alto Prisma Cloud Connector: Policy Data Restored with Missing "detailed" API Flag

Critical data fidelity fix for Palo Alto Prisma Cloud CCF connector — added missing “detailed” flag to API queries, restoring previously excluded policy field data. Read More →

UEBA Essentials: Five New Hunting Queries for Advanced Anomaly Analysis and Threat Triage

UEBA Essentials v4.1.0 adds five targeted hunting queries for high-score anomaly triage, trend analysis, template distribution, user-centric investigation, and malicious source IP identification. Read More →

Snowflake Connector: Data Parsing Logic Restored After SQL Query Malformation

Critical fix to Snowflake connector data parsing logic, switching from array-based extraction to proper JSON field extraction, restoring visibility across all log types. Read More →