OpenAI Connector: Migration to ASIM Standard Improves AI Monitoring Normalization
OpenAI chat completions data now ingests to ASimAgentEventLogs standard table, enabling standardized AI usage monitoring and cross-product correlation. Read More →
OpenAI chat completions data now ingests to ASimAgentEventLogs standard table, enabling standardized AI usage monitoring and cross-product correlation. Read More →
XBOW connector upgrades to latest API version, adding attack credits tracking and recent event details to assessment ingestion for improved offensive security visibility. Read More →
ESET connector switches from unreliable timestamp filtering to delta tokens, closing potential data loss gaps during high-volume ingestion periods. Read More →
Comprehensive quality improvements to 61 AWS Analytic Rules and 35 Hunting Queries with standardized naming conventions, normalized MITRE technique mappings, and updated entity field references from legacy AccountCustomEntity to UserIdentityUserName. Read More →
Flare Solution updates detection logic and adds three new Analytic Rules for improved threat exposure monitoring across chat platforms, lookalike domains, and underground marketplaces. Read More →
Updated CorrelateIPC_Unfamiliar-Atypical rule adds filtering to exclude admin-triggered atypical travel alerts, improving detection precision. Read More →
Data fidelity fix converts Unix epoch millisecond fields to datetime, resolving duplicate typed columns that broke query functionality in Dynatrace parsers. Read More →
Missing TargetUserSessionId field in Microsoft 365 Defender ASIM ProcessEvent parsers has been restored, fixing queries that previously returned null for this session correlation field. Read More →
Comprehensive quality improvements to 11 Azure Firewall detections and 5 hunting queries add entity mappings, custom details, and query optimizations to reduce false positives and improve incident context. Read More →
Workbook no longer flags legitimate rule template and active rule pairs as having different query text due to whitespace sensitivity. Read More →
Deployment source moved to stable Microsoft repo, custom table schemas fixed, and Function App ingestion enhanced for reliable attack path visibility. Read More →
Updated 9 analytic rules and 10 hunting queries with strengthened entity mapping, alert details, and MITRE coverage for OT/IoT network monitoring. Read More →
Microsoft’s TAXII Export connector for Threat Intelligence objects is now GA, removing preview limitations for production TI sharing workflows. Read More →
Major connector upgrade introduces comprehensive event field collection and multi-tenant monitoring capabilities. Read More →
Abnormal Security CCF connector v3.0.1 fixes table column naming to match Microsoft Log Analytics output, restoring access to previously missing metadata fields. Read More →
CrowdStrike’s Function App-based data replicator was incorrectly deprecated and has been restored to active status to maintain government deployment support. Read More →
Fixed Function App deployment packaging errors and improved security by converting ARM template secrets to secure strings. Read More →
Updates polling interval from 2-day to 1-day window with 1-day delay to eliminate duplicate Zoom cloud recording logs. Read More →
Qualys Knowledge Base connector moves from Preview to General Availability, providing production-grade vulnerability intelligence ingestion with enhanced monitoring capabilities. Read More →
Qualys VM connector upgraded from API v3.0 to v5.0 to prevent June deprecation cutoff impacting vulnerability data ingestion. Read More →