Illumio Connector: Enhanced Security with Managed Identity Authentication

Illumio Function App connector replaces DefaultAzureCredential with ManagedIdentityCredential, eliminating client secret exposure. Read More →

GreyNoise Threat Intelligence: SDK Update Addresses Function App Runtime Issues

Updated GreyNoise Python SDK to v3.0.3, fixed module mismatches, and bumped Azure Functions runtime to resolve connector stability issues. Read More →

ASIM Data Tester Enhanced: New Type Validation for Asset Schema Fields

ASIM Data Tester adds DynamicType and ArrayValuesType validation columns to improve dynamic field type checking accuracy. Read More →

Zoom Reports CCF Connector: Table Migration From Legacy Zoom_CL to ZoomV2_CL Schema

CCF connector now ingests to ZoomV2_CL with normalized field names, avoiding conflicts with legacy Function App deployments using Zoom_CL. Read More →

CyberArk Audit Connector: Enhanced Documentation and Deployment Warnings

Function App connector updated with critical migration disclaimers to prevent dual-deployment data duplication. Read More →

ASIM Schema Standardization: Removing Unused User Role Fields Across Multiple Schemas

Cleanup of unused Actor/Target user role fields and alignment of empty parsers improves schema consistency but does not affect active detection capabilities. Read More →

Threat Intelligence: Duo Security IP Detection Updated for ASIM Schema Compliance

IPEntity_DuoSecurity detection migrated from legacy DuoSecurityAuthentication_CL table to normalized CiscoDuo ASIM schema. Read More →

CrowdStrike Connector: Enhanced Rate Limiting and GA Release

CrowdStrike API Data Connector moves to General Availability with advanced rate limit handling for Alerts and Detections data ingestion. Read More →

Zoom Reports: CCF Connector Replaces Azure Function for Report Ingestion

ZoomReports solution migrates from Azure Function to CCF architecture, providing streamlined OAuth-based ingestion for six report types covering usage, telephony, and audit activities. Read More →

Logstash Plugin: Configurable Retransmission Delay Reduces HTTP 429 Throttling Impact

Microsoft Sentinel Logstash plugin v1.2.1 adds configurable retry delay parameter to mitigate data loss during throttling scenarios. Read More →

Zero Networks: Enhanced Audit Parser and CCF Connectors Expand Microsegmentation Visibility

Zero Networks parser update adds 182 new audit types plus dual CCF connectors for comprehensive microsegmentation telemetry. Read More →

Cyren Threat Intelligence: Flexible Deployment with Optional JWT Tokens

Cyren threat intelligence connectors now support conditional deployment — customers can install either IP reputation or malware URL feeds individually based on their subscription. Read More →

TacitRed-CrowdStrike IOC Playbook: Partner Certification Header Compliance

TacitRed-CrowdStrike playbook updated to include required User-Agent header for CrowdStrike Technology Partner certification compliance. Read More →

Workspace Usage Monitoring Enhanced with New Features and Weekly Analytics

WorkspaceUsage workbook updated to version 1.6.4 with new weekly analytics features and bug fixes to improve usage visibility. Read More →

TheHive Connector: Field Filtering Fix Restores Complete Event Collection

TheHive CCF connector removes excludeFields parameter that was preventing complete event data ingestion. Read More →

Datawiza Solution: New Detection for Server Error Spike Monitoring

Datawiza solution adds server error spike detection to identify potential DDoS attacks or system misconfigurations. Read More →

Commvault Connector: Migration from Legacy Sentinel API to Modern Logs Ingestion Architecture

Commvault Security IQ connector migrated from deprecated Log Analytics API to Azure Monitor Logs Ingestion API with DCE/DCR architecture. Read More →

Microsoft Entra ID Assets: Device and Organizational Contact Visibility Expansion

Two new asset tables (EntraDevices, EntraOrgContacts) added to Microsoft Entra ID connector for BloodHound graph building and complete asset enumeration. Read More →

AWS Athena Function App: Resolving Extension Bundle Compatibility and Query Result Parsing

AWS Athena Function App connector updated to Azure Functions v4+ bundle and fixed Python query parsing logic that previously failed on empty result data. Read More →

Feedly Threat Intelligence: Migration from Azure Functions to Native CCF Connector

Modernizes Feedly threat intelligence ingestion by removing Azure Function dependencies and migrating to native Sentinel CCF polling for IoC feeds. Read More →