Zoom Connector GA Release: Enhanced Data Ingestion with New Table Schema
ZoomReports CCF connector transitions to GA with parser supporting dual-table ingestion and expanded field coverage. Read More →
ZoomReports CCF connector transitions to GA with parser supporting dual-table ingestion and expanded field coverage. Read More →
Seraphic Web Security solution upgraded to v3.0.0 schema with polling v3.0, health checks, and corrected connectivity criteria. Read More →
Salesforce connector v3.1.0 adds comprehensive Event Log File coverage and OAuth2 username-password authentication for improved deployment flexibility. Read More →
AWS Elastic Load Balancer solution transitions from Public Preview to GA status, confirming production readiness for ALB/NLB access log monitoring. Read More →
Halcyon connector migrated from direct ASIM ingestion to OCSF schema with ASIM transformation parsers, replacing 5 custom tables with unified HalcyonEvents_CL table. Read More →
ASIM Process Event parsers for Microsoft 365 Defender now extract file version metadata, improving process attribution and hunt query precision. Read More →
Training lab removes dual-auth complexity, standardizing on User-Assigned Managed Identity for Microsoft Defender XDR custom detection rule deployment. Read More →
Recorded Future Identity solution deprecates Logic Apps-based incident creation and introduces Analytic Rules for Microsoft Defender Portal compatibility. Read More →
SAP ETD alerts now surface user account names and email addresses for incident correlation, filling a critical entity mapping gap that prevented effective identity-based investigations. Read More →
Two advanced data ingestion exercises added to training lab covering ADLS Gen2 federation and tier-based transformation routing. Read More →
All Dynatrace connectors migrated to DCR-based CCF architecture with dual-version parser support for seamless transitions. Read More →
Recorded Future adds sandbox region configuration parameter and moves threat intelligence evidence details to comply with STIX standard structure. Read More →
ASIM Process Event parser parameter names corrected to match documentation, fixing filtering logic discrepancies that could affect query performance and parser interoperability. Read More →
SAP agentless solution updated to version 1.1.10 with security and usability improvements, plus official release status designation. Read More →
Cisco ISE Administrator authentication parser fixes swap incorrect SrcIpAddr and TargetIpAddr mappings that broke network forensics queries. Read More →
Critical fixes to VMware vCenter authentication parser resolve incorrect field mappings that broke queries referencing User and DvcId fields. Read More →
New watchlist filters out 7 known-benign status codes from Conditional Access bypass detection to reduce false positives from legitimate MFA prompts and session expiration events. Read More →
Critical improvements to AccountCreatedandDeletedinShortTimeframe rule extend detection window to 7 days and use immutable UserID correlation to prevent timing-based evasion techniques. Read More →
Updates schema version metadata from 0.1.3 to 0.1.4 in FortiGate authentication parsers with no functional changes. Read More →
Threat Intelligence domain mapping rule updated to prevent infinite alert loops by excluding its own alerts from the source data. Read More →