CyberArk EPM: Migration to DCR and OAuth Authentication Replaces Deprecated Log Analytics API

CyberArk EPM connector updated to use DCR ingestion and OAuth authentication, addressing deprecation of Log Analytics API and improving security. Read More →

BeyondTrust PM Cloud: Function App Reliability Fix Prevents Timeout on Large Event Backlogs

Critical fix prevents BeyondTrust PM Cloud Function App timer functions from hanging when processing large event backlogs, restoring data ingestion reliability. Read More →

GitHub Audit Log Connector: Azure Storage Integration Addresses API Rate Limits

New Azure Storage-based GitHub Enterprise audit log connector overcomes CCF API rate limitations through Event Grid blob notifications. Read More →

Filewall for Microsoft 365: New Solution Adds Data Exfiltration Detection for Exchange and Files

Complete CCF-based solution delivers real-time monitoring of blocked emails and files across Microsoft 365 services with immediate threat alerting. Read More →

BitSight Solution: Support Tier Changed to Partner

BitSight solution support tier updated from Microsoft to Partner with version downgrade to 3.2.0. Read More →

Microsoft Agent Identities Connector: New Entra Non-Human Identity Asset Visibility (Preview)

Agent 365 solution adds new Microsoft Agent Identities connector for tracking agent blueprints and non-human identity assets across four data tables. Read More →

Cisco Umbrella CCF: Public Preview Expands Data Visibility with 10 New Log Tables

New Codeless Connector Framework introduces comprehensive log coverage across DNS, web traffic, cloud firewall, admin audit, DLP, file events, IPS, VPN and Zero Trust access for enhanced threat detection. Read More →

Oracle Cloud Infrastructure CCF Connector: IAM Permissions Guidance Added

OCI connector UI updated with explicit IAM policy requirements for stream consumption authorization alongside API signing key authentication. Read More →

Slack Audit Solution: Enhanced Detection Logic and Alert Enrichment

Slack Audit analytic rules, hunting queries, and workbook upgraded with improved KQL logic, custom alert details, and enhanced entity mappings for stronger workspace monitoring. Read More →

42Crunch API Protection: Critical Migration from Legacy HTTP Collector to CCF Push Connector

Migration addresses deprecated HTTP Data Collector API by implementing CCF OAuth2/Entra ID ingestion — deployments on legacy connector face imminent data loss. Read More →

Azure Security Benchmark Solution: Enhanced Detection Logic and Incident Enrichment (v3.0.5)

Azure Security Benchmark solution updated to v3.0.5 with improved compliance monitoring logic, proper data connector declarations, and enhanced incident alert details. Read More →

CrowdStrike API Connector: Multi-Domain Support for Enterprise Deployments

CrowdStrike API connector now supports multiple domain configurations with unique aliases, enabling organizations to ingest data from different CrowdStrike instances simultaneously. Read More →

Airlock Digital Solution: Application Control Visibility for Endpoint Security

New CCF connector enables ingestion of Airlock Digital application control logs, providing execution monitoring and file activity visibility to detect unauthorized software execution. Read More →

AWS Security Hub Compliance Workbook: Comprehensive Security Posture Visualization Now Available

New AWS Security Hub compliance workbook provides executive dashboards and operational analytics for security findings, compliance tracking, and multi-account posture management. Read More →

NordStellar CCF Push Connector: Real-time Threat Intelligence Integration Now Available

New NordStellar solution delivers real-time threat intelligence and exposure monitoring via CCF Push architecture to unified NordStellar_CL table. Read More →

AWS S3 and CrowdStrike Connectors: Non-Analytics Tier Query Support for Basic/Auxiliary Plans

AWS S3 and CrowdStrike Falcon S3 Data Replicator connectors now support Usage table fallback queries for deployments using Basic/Auxiliary Log Analytics plans. Read More →

Bitdefender GravityZone Solution v3.0.1 Adds Incident Analytics for Endpoint and Email Protection

Complete Microsoft Sentinel solution integrating Bitdefender GravityZone multi-vector threat detection with DCR-based ingestion and XDR correlation. Read More →

Sonrai Security CCF Connector: New Cloud Security Posture Visibility

Sonrai Security compliance tickets now integrate directly with Microsoft Sentinel through a new CCF push connector. Read More →

BitSight: Function App to CCF Migration Restores Third-Party Risk Visibility

Legacy Function App connector replaced with two CCF connectors for independent security statistics and events ingestion. Read More →

VMware Workspace ONE: New CCF Connector for UEM Device and Application Visibility

VMware Workspace ONE Unified Endpoint Management platform now available in Microsoft Sentinel via CCF connector for device compliance monitoring and shadow IT detection. Read More →