Lookout Mobile Security: Parser Fixes and Executive Dashboard Enhancement

Lookout solution updated to v3.0.1 with parser fixes, comprehensive security dashboards, and enhanced analytic rules. Read More →

ProofPoint TAP Detection Rules Updated for v2 Connector Migration

Two ProofPoint TAP Analytic Rules updated to reference ProofpointTAPv2 connector ID, ensuring compatibility with the newer connector version. Read More →

Fortigate ASIM Parser: Field Name Consistency Fix for Network Session Schema

Field name inconsistencies in Fortigate ASIM parsers corrected to ensure proper schema compliance and data normalization. Read More →

SAP Solution: Agentless Package Upgraded to Log Analytics v2 API

SAP agentless package updated to use Log Analytics v2 API for heartbeats and added audit log user exclusion capabilities. Read More →

GDPR Workbook: Expanded Asset Coverage Beyond On-Prem Hosts

GDPR compliance workbook now monitors security alerts across Azure, AWS, GCP, and blob storage assets, not just traditional servers. Read More →

Cisco Umbrella Connector: Schema v14 Compatibility and Documentation Updates

Updates Cisco Umbrella Function App connectors to support log schema version 14 with enhanced workspace key documentation. Read More →

Solutions Analyzer Tool: Automated Connector Documentation Generation

Solutions Analyzer tool enhanced to generate markdown documentation files for all 1000+ connectors in addition to CSV output. Read More →

Google Threat Intelligence: Enhanced Threat Hunting with MITRE ATT&CK Integration

Updated threat hunting rules add MITRE ATT&CK mappings and fix parser function calls for improved threat detection coverage. Read More →

ASIM Authentication Parsers: Hostname Resolution and Alias Fixes

Fixes SrcHostname resolution logic and IpAddr aliases in Microsoft Windows Event and SSH authentication parsers. Read More →

Cisco Umbrella: Enhanced Data Fidelity with Log Format v13-v14 Support

Added support for Cisco Secure log formats v13-v14, exposing AI model tracking and event correlation fields for improved threat context. Read More →

Microsoft Defender XDR Workbook Version 3: Enhanced Visualizations and Insights

Updated Microsoft Defender for Office 365 workbook to version 3 with new visuals and improved insights based on user feedback. Read More →

ContrastADR Solution: Parser Logic Enhancement and Workbook Fixes

ContrastADR parsers updated with column_ifexists logic for improved error handling and workbook template fixes. Read More →

Microsoft 365 Defender ASIM: Fixed Field Compatibility Issue in Authentication Parsers

M365 Defender authentication parsers updated to handle optional _ItemId field, resolving parser failures in some client environments. Read More →

GitHub Enterprise Connector: Improved API URL Configuration Guidance

Enhanced connector definition for GitHub Enterprise audit logs with clearer API URL field labels and format examples to reduce customer configuration errors. Read More →

UEBA Essentials: Five New Hunting Queries for Advanced Anomaly Analysis and Threat Triage

UEBA Essentials v4.1.0 adds five targeted hunting queries for high-score anomaly triage, trend analysis, template distribution, user-centric investigation, and malicious source IP identification. Read More →

NCSC-NL Threat Intelligence Sharing: Playbook Bug Fixes and JSON Structure Improvements

Dutch National Detection Network threat intelligence sharing solution updated to v3.0.1 with playbook parameter fixes and improved JSON structure. Read More →

QualysVM Connector: API Rate Limiting and Configurable Truncation Protection

QualysVM connector enhanced with 1 QPS rate limiting and configurable truncation limits to prevent API abuse. Read More →

Check Point Cyberint Alerts: DCR Transform Fix and Customer Name Header Addition

Check Point Cyberint Alerts connector v3.0.1 fixes DCR formatting and adds customer name header for proper API authentication. Read More →

Zscaler ZIA ASIM Parser: Device Model Field Parsing Fix Restores Visibility

ASIM WebSession parser for Zscaler ZIA corrected devicemodel parsing logic that was preventing proper device categorization. Read More →

Squadra Technologies SecRMM: Compliance Update Adds Required Detection Rule

SecRMM solution updated to v3.0.0 with mandatory analytic rule for removable storage monitoring to meet Microsoft Sentinel compliance requirements. Read More →