GCP Security Command Center: New Detection Suite for Cloud Misconfigurations

New Solution delivers 5 Analytic Rules and 5 Hunting Queries to detect GCP security misconfigurations including unrestricted API keys, disabled security features, and risky IAM configurations. Read More →

Rubrik Security Cloud: API Hostname Configuration Update for Customer Deployments

Rubrik Security Cloud solution updated to v3.5.1 with corrected API hostname defaults across all playbooks and custom connector. Read More →

Mimecast Connectors: Migration to Log Ingestion API Eliminates Legacy Workspace Key Dependency

Mimecast Function App connectors migrated from legacy Log Analytics ingestion to Azure Monitor Log Ingestion API, requiring DCR reconfiguration. Read More →

AWS CloudWatch Connectors: Critical Python 3.13 Compatibility Fix

Removed problematic CSV handling causing Lambda function failures on Python 3.13 runtime in CloudWatch connectors. Read More →

UEBA Essentials: Enhanced Multi-Cloud Detection with 6 New AWS, GCP & Okta Hunting Queries

Major update adds comprehensive multi-cloud anomaly detection capabilities across AWS, GCP, and Okta platforms with 6 new hunting queries. Read More →

Vectra XDR: Log Ingestion API Migration and Enhanced API v3.4 Support with New Playbook Capabilities

Vectra XDR solution updated to API v3.4 with Log Ingestion API support, three new playbooks for PCAP download and detection management. Read More →

Business Email Compromise: Fixed Alert Display Variable Reference

Corrected alert display format to use correct variable name CountOfDocs instead of non-existent number_of_files_accessed. Read More →

New Pathlock Threat Detection and Response Solution: SAP Security Integration for Microsoft Sentinel

Push-based connector integrating Pathlock TDnR SAP security monitoring with Microsoft Sentinel for enhanced SAP application security visibility. Read More →

Salesforce Service Cloud: Critical Detection Rule Fixes for TimestampDerived Field

Essential bug fixes for Salesforce Service Cloud detection rules resolving datetime conversion issues that prevented rule creation. Read More →

CrowdStrike Falcon: Enhanced Threat Intelligence Connector with Improved Error Handling

Updated CrowdStrike Falcon Adversary Intelligence connector with better configuration validation, error handling, and code quality improvements. Read More →

VMRay Connector: Fixed Premium ARM Template Security Configuration

ARM template deployment fix adds mandatory TLS 1.2 enforcement and corrects resource configuration for VMRay Function App connector. Read More →

VMware ESXi SSH Brute Force Detection Plus Multi-Solution Updates

New VMware ESXi detection for multiple failed SSH login attempts, plus comprehensive solution updates across 15+ vendor solutions. Read More →

Threat Intelligence Detection: Critical Timing Fix for Cloud App Email Indicators

TI analytic rule query periods reduced from 10 days to 1 hour to prevent false negatives from timing mismatches. Read More →

Cisco Meraki Connector: Data Types Table Name Corrected for Query Consistency

Cisco Meraki connector fixed incorrect table name reference in UI data types to match actual KQL queries. Read More →

SailPoint IdentityNow: Function App Deployment Package Structure Fix

Critical deployment fix for SailPoint IdentityNow Function App correcting ZIP file structure for proper Azure Function discovery and Python package dependencies. Read More →

CyberArk Audit Security Update: CVE-2024-47081 Fix Plus Multi-Solution Maintenance

Critical security update for CyberArk Audit requests library addressing credential leak vulnerability, plus comprehensive updates across 8 solutions. Read More →

Corelight: New Anomaly and First-Seen Event Parsers for Advanced Threat Detection

Corelight solution gains two new parsers for machine learning-based anomaly detection and first-seen event tracking. Read More →

Feedly Threat Intelligence: Function App Package Fix for Python Dependencies

Critical deployment fix for Feedly Azure Function App requiring proper Python packages structure. Read More →

Lumen Threat Feed Solution: Enhanced Delta Sync and Performance Improvements

Lumen Defender Threat Feed updated to v3.1.0 with migrated delta sync polling logic and improved workbook functionality. Read More →

OneTrust Data Security Platform Connector: New Privacy and Risk Management Visibility

New CCF-based connector for OneTrust enables monitoring of privacy compliance, data governance, and risk management activities in Sentinel workspaces. Read More →