Recorded Future: IOC Enrichment Noise Reduction via Risk Score Thresholding
Added configurable RiskScoreThreshold parameter to prevent low-risk IOCs from generating incident comments. Read More →
Added configurable RiskScoreThreshold parameter to prevent low-risk IOCs from generating incident comments. Read More →
Fixed Policy 300.4.1.1 violation by securing credential parameters in the Cyren-SentinelOne threat intelligence integration Playbook. Read More →
Analytic rule optimization introduces potential detection gaps by reordering deduplication before indicator validity checks. Read More →
All IPinfo connector Azure Function packages rebuilt to resolve dependency issues with Linux runtime. Read More →
New Content Hub solution automates IOC ingestion from Cyren CCF feeds (IP reputation and malware URLs) into SentinelOne for automated threat detection and response. Read More →
Updated GreyNoise Python SDK to v3.0.3, fixed module mismatches, and bumped Azure Functions runtime to resolve connector stability issues. Read More →
Version constraint fix restores Function App deployment after Azure Functions runtime compatibility issue. Read More →
Adds comprehensive playbook automation for Censys threat intelligence enrichment, providing IP/domain/certificate context during incident investigation. Read More →
IPEntity_DuoSecurity detection migrated from legacy DuoSecurityAuthentication_CL table to normalized CiscoDuo ASIM schema. Read More →
Cyren threat intelligence connectors now support conditional deployment — customers can install either IP reputation or malware URL feeds individually based on their subscription. Read More →
Corrects solution name and ID mismatches in Visa TI connector templates that were causing installation failures. Read More →
IPinfo v3.0.3 adds Core, Plus, and Residential Proxy data connectors with robust Azure AD OAuth exception handling to prevent authentication blind spots. Read More →
Microsoft has deprecated the Graph Security tiIndicators API, rendering Recorded Future’s automated threat intelligence ingestion playbooks non-functional. Read More →
Modernizes Feedly threat intelligence ingestion by removing Azure Function dependencies and migrating to native Sentinel CCF polling for IoC feeds. Read More →
CTM360 HackerView Function App connector was completely broken due to backup flag logic errors, preventing all threat intelligence ingestion until this fix. Read More →
Compliance update removes credential scanner violations from securestring parameters and aligns all content versions to 3.0.3. Read More →
Comprehensive update to 17 IPinfo connectors enhancing deployment reliability with runtime pinning, dependency fixes, and multi-workspace DCR support. Read More →
Configuration updates eliminate massive duplicate indicator ingestion caused by small page sizes and frequent polling intervals. Read More →
New Analytic Rule enables detection of malicious URLs from threat feeds in web traffic, closing coverage gap for URL-based indicators. Read More →
New Visa Threat Intelligence (VTI) solution providing IOC feeds via DCR connector with high-severity detection rules for domains and file hashes. Read More →