Zoom Connector GA Release: Enhanced Data Ingestion with New Table Schema

ZoomReports CCF connector transitions to GA with parser supporting dual-table ingestion and expanded field coverage. Read More →

Seraphic Web Security: Upgraded to v3.0.0 Content Schema with Enhanced Polling

Seraphic Web Security solution upgraded to v3.0.0 schema with polling v3.0, health checks, and corrected connectivity criteria. Read More →

Salesforce Service Cloud Connector: Enhanced Event Coverage and OAuth2 Support

Salesforce connector v3.1.0 adds comprehensive Event Log File coverage and OAuth2 username-password authentication for improved deployment flexibility. Read More →

AWS ELB Solution Moves to General Availability

AWS Elastic Load Balancer solution transitions from Public Preview to GA status, confirming production readiness for ALB/NLB access log monitoring. Read More →

Halcyon Anti-Ransomware: Connector Overhaul from ASIM to OCSF Schema Architecture

Halcyon connector migrated from direct ASIM ingestion to OCSF schema with ASIM transformation parsers, replacing 5 custom tables with unified HalcyonEvents_CL table. Read More →

Microsoft 365 Defender Process Parsers: Enhanced File Metadata Visibility

ASIM Process Event parsers for Microsoft 365 Defender now extract file version metadata, improving process attribution and hunt query precision. Read More →

Microsoft Sentinel Training Lab: Authentication Simplified to UAMI-Only

Training lab removes dual-auth complexity, standardizing on User-Assigned Managed Identity for Microsoft Defender XDR custom detection rule deployment. Read More →

Recorded Future Identity: Prepares for Microsoft Defender Portal Migration by Deprecating Legacy Incident Creation

Recorded Future Identity solution deprecates Logic Apps-based incident creation and introduces Analytic Rules for Microsoft Defender Portal compatibility. Read More →

SAP ETD Cloud: User Account Correlation Now Available After Data Collection Gap

SAP ETD alerts now surface user account names and email addresses for incident correlation, filling a critical entity mapping gap that prevented effective identity-based investigations. Read More →

Microsoft Sentinel Training Lab: Federation and Split Transformation Capabilities Expanded

Two advanced data ingestion exercises added to training lab covering ADLS Gen2 federation and tier-based transformation routing. Read More →

Dynatrace Solution: DCR Migration Introduces v2 Connectors for All Data Sources

All Dynatrace connectors migrated to DCR-based CCF architecture with dual-version parser support for seamless transitions. Read More →

Recorded Future Sandbox: Enhanced Region Support and Improved Threat Intelligence Structure

Recorded Future adds sandbox region configuration parameter and moves threat intelligence evidence details to comply with STIX standard structure. Read More →

ASIM Process Event Parsers: Parameter Standardization Fixes Filtering Logic Inconsistencies

ASIM Process Event parser parameter names corrected to match documentation, fixing filtering logic discrepancies that could affect query performance and parser interoperability. Read More →

SAP: Agentless Integration Package v1.1.10 with Security Enhancements

SAP agentless solution updated to version 1.1.10 with security and usability improvements, plus official release status designation. Read More →

Cisco ISE ASIM Parser: Correcting IP Address Field Mappings

Cisco ISE Administrator authentication parser fixes swap incorrect SrcIpAddr and TargetIpAddr mappings that broke network forensics queries. Read More →

VMware vCenter ASIM Parser: Fixing Field Mappings After ASIM Schema Updates

Critical fixes to VMware vCenter authentication parser resolve incorrect field mappings that broke queries referencing User and DvcId fields. Read More →

Microsoft Entra ID Conditional Access Bypass Detection: False Positive Reduction via Benign Status Code Watchlist

New watchlist filters out 7 known-benign status codes from Conditional Access bypass detection to reduce false positives from legitimate MFA prompts and session expiration events. Read More →

Microsoft Entra ID: Account Creation/Deletion Detection Enhanced Against Timing Evasion

Critical improvements to AccountCreatedandDeletedinShortTimeframe rule extend detection window to 7 days and use immutable UserID correlation to prevent timing-based evasion techniques. Read More →

Fortinet FortiGate ASIM Authentication Parsers: Schema Version Metadata Correction

Updates schema version metadata from 0.1.3 to 0.1.4 in FortiGate authentication parsers with no functional changes. Read More →

Threat Intelligence Domain-to-SecurityAlert Rule: Fixes Recursive Alert Loop with Self-Exclusion Filter

Threat Intelligence domain mapping rule updated to prevent infinite alert loops by excluding its own alerts from the source data. Read More →