GreyNoise Threat Intelligence: Packaging Fixes and Security Improvements
Fixed Function App deployment packaging errors and improved security by converting ARM template secrets to secure strings. Read More →
Fixed Function App deployment packaging errors and improved security by converting ARM template secrets to secure strings. Read More →
New CCF connector ingests Vaikora AI agent behavioral signals with 3 detection rules for policy violations, anomalies, and high-risk actions. Read More →
SOCRadar XTI Platform solution now available in Content Hub with automated alarm import, incident sync, and comprehensive threat intelligence monitoring capabilities. Read More →
New comprehensive Microsoft Sentinel integration adds automated IOC collection, incident enrichment, and interactive threat intelligence dashboards for the Cyjax platform. Read More →
Censys solution adds playbook and workbook for automated infrastructure pivoting and pivot analysis visualization using the Pivot Analysis API. Read More →
Fixed broken URL threat intelligence detection and expanded workbook coverage for new Entra traffic type. Read More →
Adds comprehensive bi-directional sync playbooks and fixes critical ref_id column type bug that caused silent data loss in alert ingestion. Read More →
Contrast ADR adds CCF ingestion support with standardized table schemas for production-ready Application Detection and Response monitoring. Read More →
KQL queries in the Azure Security Benchmark workbook now properly filter by selected compliance domains. Read More →
New CCF push connector for Tanium enables endpoint compliance, threat response, and patch data ingestion via DCR streams. Read More →
Critical improvements to AccountCreatedandDeletedinShortTimeframe rule extend detection window to 7 days and use immutable UserID correlation to prevent timing-based evasion techniques. Read More →
Replaced “Azure Security Benchmark” references with “Microsoft cloud security benchmark” across workbook labels and KQL queries. Read More →
Added Log Ingestion API support with OAuth 2.0 authentication — modernizes data ingestion from legacy HTTP Data Collector API. Read More →
New Citrix Analytics CCF solution provides push-based ingestion for SPA and CVAD security events via Azure Monitor Logs Ingestion API. Read More →
New Netskope solution adds 10 detections for web transaction monitoring including impossible travel, excessive downloads, shadow IT detection, and data exfiltration patterns. Read More →
Fixes field mapping inconsistencies in Corelight aggregation parsers that caused data loss and adds aggregation filtering to the Data Explorer workbook. Read More →
New analytic rules target jailbreak attempts, external access, plugin tampering, and file upload disabling - covering major AI security attack vectors. Read More →
blacklens.io Attack Surface Management platform now available in Content Hub with webhook-based alert ingestion and automated incident creation. Read More →
Cisco Firepower workbook queries updated from incorrect ‘Firepower’ to ‘FTD’ filter, fixing non-functional dashboard charts. Read More →
Adds comprehensive playbook automation for Censys threat intelligence enrichment, providing IP/domain/certificate context during incident investigation. Read More →