Closed
2665 commits
5f3712b
Merge pull request #13424 from Azure/v-kasghosh/issue_number/13412
v-atulyadav Jan 14, 2026
4dc9c5a
Updated logging info
v-utpalkumar Jan 14, 2026
439bf5e
adds default logo
Jan 14, 2026
1f099af
Merge pull request #13436 from Azure/dependabot/pip/Solutions/Lookout…
v-atulyadav Jan 14, 2026
ac786cf
Merge pull request #13439 from Azure/v-kasghosh/issue_number/13163
v-dvedak Jan 14, 2026
673e4d8
Merge branch 'master' into pr/13397
v-shukore Jan 14, 2026
e079ca0
chore: Update Solutions Analyzer CSV files (#2)
github-actions[bot] Jan 14, 2026
2c59b20
Revert "chore: Update Solutions Analyzer CSV files (#2)"
v-shukore Jan 14, 2026
fbc3aec
Merge pull request #13392 from Azure/v-kasghosh/issue_number/12271
v-utpalkumar Jan 14, 2026
d99938f
adds logo
Jan 14, 2026
0d1c972
Merge branch 'master' into AwsCloudTrailParser
Alekhya0824 Jan 14, 2026
bd8fc4f
fix: Update Cyren workbook logoFileName to cyren_logo.svg and remove …
mazamizo21 Jan 14, 2026
e0cb2d5
Bump urllib3 from 2.6.0 to 2.6.3 in /Solutions/Box/Data Connectors (#…
dependabot[bot] Jan 14, 2026
8c262a5
feat(Cyren): Add ConnectionToggleButton and textbox inputs to connect…
mazamizo21 Jan 14, 2026
cabc45c
Bump azure-core in /Solutions/ESET Protect Platform/Data Connectors
dependabot[bot] Jan 14, 2026
88c3b23
fix: Restore Logos/cyren_logo.svg
mazamizo21 Jan 14, 2026
30df58e
Merge branch 'master' into dependabot/pip/Solutions/ESET-Protect-Plat…
v-atulyadav Jan 14, 2026
3b4f4ce
fix(Cyren): V3 repackage with ConnectionToggleButton and post-V3 fixes
mazamizo21 Jan 14, 2026
f131641
Merge branch 'dependabot/pip/Solutions/ESET-Protect-Platform/Data-Con…
v-atulyadav Jan 14, 2026
9153810
fix(Cyren): Correct API versions to 2025-09-01 stable (not preview)
mazamizo21 Jan 14, 2026
7f3497e
fix: Add missing logoFileName to CloudflareCCFWorkbook (upstream bug …
mazamizo21 Jan 14, 2026
01c5d00
fix: Remove duplicate cyren_logo.svg from Workbooks/Images/Logos - on…
mazamizo21 Jan 14, 2026
1dbb4c2
fix: Restore cyren_logo.svg to Workbooks/Images/Logos/ (matches Cloud…
mazamizo21 Jan 14, 2026
b0d4a81
fix(Cyren): V3 repackage with stable API versions (2025-09-01)
mazamizo21 Jan 14, 2026
f269cd7
Solution: TacitRed IOC CrowdStrike Automation (Official) - Clean branch
mazamizo21 Jan 14, 2026
4b11bfe
fix: table retention minimum 4 days (Azure rejects 1 day)
Jan 14, 2026
d0c8a75
fix: add Bearer prefix and fix parameter names for JWT auth
Jan 14, 2026
21358ed
fix: use ApiKeyIdentifier for Bearer prefix per MS CCF docs
Jan 14, 2026
a418b0d
fix: correct ARM template bracket syntax for parameters (single ] not…
Jan 14, 2026
ca97c82
Merge pull request #13430 from keith-degrace/bloodhound
hassanchawiche Jan 14, 2026
493d7ea
Merge pull request #13297 from Azure/update-asim-tester-csv
oshezaf Jan 14, 2026
3903a64
[ASIM] Authentication AADSigninLogs parser rewrite (#13409)
yummyblabla Jan 15, 2026
0c25fe6
Update WorkbooksMetadata.json
v-shukore Jan 15, 2026
6470305
Merge pull request #13397 from secpfe/master
v-atulyadav Jan 15, 2026
4ef53a3
Revert "fix: Add missing logoFileName to CloudflareCCFWorkbook (upstr…
v-maheshbh Jan 15, 2026
f874d56
Merge branch 'master' into pr/13278
v-maheshbh Jan 15, 2026
bca10bc
Add GCP security analytic rules and hunting queries
rahul0216 Jan 15, 2026
37073dd
Update GCPDNSSECDisabled.yaml
rahul0216 Jan 15, 2026
6057df6
Merge pull request #13427 from leeninc/master
v-atulyadav Jan 15, 2026
51beac3
Merge pull request #13437 from Azure/dependabot/pip/Solutions/ESET-Pr…
v-atulyadav Jan 15, 2026
14cf7ff
Update ValidConnectorIds.json
rahul0216 Jan 15, 2026
23a39d7
Bump azure-core in /Solutions/IllumioSaaS/Data Connectors
dependabot[bot] Jan 15, 2026
3746977
Remove DNSSEC Disabled analytic rule
rahul0216 Jan 15, 2026
f73c95a
Delete GCPDNSSECDisabled.yaml
rahul0216 Jan 15, 2026
383b132
Merge pull request #13244 from ryantully-archtis/archtis-ncprotect-3-…
v-dvedak Jan 15, 2026
4548d2e
docs: Add workbook testing document for Cyren Threat Intelligence
mazamizo21 Jan 15, 2026
b6adca8
Merge branch 'master' into pr/13278
v-maheshbh Jan 15, 2026
fce9085
Added GCPDNSSECDisabled.yaml again
rahul0216 Jan 15, 2026
2364e81
fix(TacitRed-IOC-CrowdStrike): resolve ARM-TTK failures
mazamizo21 Jan 15, 2026
c56e7dc
Remove unused ResourceName mapping in GCP VM snapshot rule
rahul0216 Jan 15, 2026
7df146d
update halcyon solution's publisherId
Jan 15, 2026
444d9eb
Merge pull request #13394 from Azure/tools/map-connectors-to-tables
oshezaf Jan 15, 2026
09389bc
Renamed analytic rule GCPDNSSECDisabledForDNSZone
rahul0216 Jan 15, 2026
b9a53dd
updated CSV field limit
v-dhbedu Jan 15, 2026
dd12798
Updated to 7.2
oshezaf Jan 16, 2026
62fb308
Merge branch 'master' into tools/map-connectors-to-tables
oshezaf Jan 16, 2026
877138a
Update Hunting queries' names
rahul0216 Jan 16, 2026
5102166
Set fetch-depth to 2 in workflow checkouts (#13450)
rahul0216 Jan 16, 2026
2acdec5
Merge pull request #13278 from Data443/feature/cyren-threat-intelligence
v-dvedak Jan 16, 2026
5436d12
fixed is_deprecated
oshezaf Jan 16, 2026
c901e63
Merge branch 'master' into tools/map-connectors-to-tables
oshezaf Jan 16, 2026
8fbcbbd
Merge pull request #13451 from Halcyon-Sentinel-Integration/master
v-atulyadav Jan 16, 2026
70f066f
Merge branch 'master' into pr/13074
v-maheshbh Jan 16, 2026
cb7ff52
Merge pull request #13074 from jamos-bt/master
v-dvedak Jan 16, 2026
4bb1616
Merge branch 'master' into pr/13359
v-atulyadav Jan 16, 2026
dd70d91
Merge branch 'master' into dependabot/pip/Solutions/IllumioSaaS/Data-…
v-atulyadav Jan 16, 2026
47c5405
Merge pull request #13447 from Azure/dependabot/pip/Solutions/Illumio…
v-atulyadav Jan 16, 2026
262eed4
Merge pull request #13359 from anthonylamark/SquadraTechnologiesSecRm…
v-atulyadav Jan 16, 2026
fc5fe84
Add files via upload
RamboV Jan 16, 2026
67469fa
update readme.md
RamboV Jan 16, 2026
3afc14f
Add files via upload
RamboV Jan 16, 2026
80f9823
Update readme
RamboV Jan 16, 2026
507fd34
Updated to use CF API
kingwil Jan 16, 2026
89e5764
move note to top of release note
mvang-quokka Jan 16, 2026
efad58c
Update ASimTester.csv (#13461)
yummyblabla Jan 16, 2026
4f1b9c0
Add support for standalone content items
oshezaf Jan 17, 2026
feb62fb
Merge pull request #13463 from Azure/tools/map-connectors-to-tables
oshezaf Jan 17, 2026
17ca902
updated url for ioc connector
chkp-jkohn Jan 18, 2026
52b29f4
removed duplicate 'schema' nesting, connector working
chkp-jkohn Jan 18, 2026
892c9de
chore: Update Solutions Analyzer CSV files and documentation (#7)
github-actions[bot] Jan 19, 2026
e5fa61d
Merge branch 'master' into users/rahul/gcpauditlogs-content
rahul0216 Jan 19, 2026
175347e
Update ZeroTrust(TIC3.0) to version 3.0.3
v-shukore Jan 19, 2026
0a3b921
Bump ZeroTrust solution to version 3.0.3
v-shukore Jan 19, 2026
816d29c
Release NISTSP80053 solution version 3.0.3
v-shukore Jan 19, 2026
1a925fd
Update ReleaseNotes.md
v-shukore Jan 19, 2026
b2f2883
Update Solution_GCPAuditLogs.json
v-shukore Jan 19, 2026
4109acb
Add missing periods to release notes entries
v-maheshbh Jan 19, 2026
c03c46d
Revert "chore: Update Solutions Analyzer CSV files and documentation …
v-maheshbh Jan 19, 2026
68e621b
Remove trailing blank line from mainTemplate.json
v-maheshbh Jan 19, 2026
a696075
chore: Update Solutions Analyzer CSV files and documentation (#8)
github-actions[bot] Jan 19, 2026
91ad82e
Merge pull request #13446 from Azure/users/rahul/gcpauditlogs-content
v-atulyadav Jan 19, 2026
5128b78
feat(TacitRedThreatIntelligence): TacitRed CCF solution (no workbook …
mazamizo21 Jan 19, 2026
9cd6f8b
Solution: TacitRed SentinelOne IOC Automation (Official) - Clean branch
mazamizo21 Jan 19, 2026
f8d6bf7
[ASIM] Authentication - Crowdstrike FalconHost Parser changes (#13462)
yummyblabla Jan 19, 2026
e0551de
Filter on TimeGenerated (#13467)
yummyblabla Jan 20, 2026
f14fcad
Revert "chore: Update Solutions Analyzer CSV files and documentation …
v-maheshbh Jan 20, 2026
547bfc3
Aligned Bigid publisher id with partnercentral value
mhebrard-bigid Jan 16, 2026
0559389
Merge pull request #12671 from Azure/AwsCloudTrailParser
v-atulyadav Jan 20, 2026
e6b09ac
chore: Re-trigger CI (GitHub API rate limit timeout)
mazamizo21 Jan 20, 2026
b4a8e7f
Add Conditional Access SISM workbook to Entra ID solution
v-maheshbh Jan 20, 2026
ee79516
Merge pull request #13468 from Azure/v-maheshbh/Microsoft-Entra-ID
v-atulyadav Jan 20, 2026
a6f78ef
Merge remote-tracking branch 'origin/master'
nitsan-tzur Jan 20, 2026
57fef10
chore: Update Solutions Analyzer CSV files (#5)
github-actions[bot] Jan 20, 2026
e8fdabf
update connector title to suggested
mvang-quokka Jan 20, 2026
39fa412
fix packaging (#13476)
AmirSasson Jan 20, 2026
1cfb8e1
fix fetching sets with no events to collect
nitsan-tzur Jan 21, 2026
8e4800e
chore: Update Solutions Analyzer CSV files (#4)
github-actions[bot] Jan 12, 2026
d032a5b
fix fetching sets with no events to collect
nitsan-tzur Jan 21, 2026
9318700
Merge remote-tracking branch 'origin/cyberark_epm_patch' into cyberar…
nitsan-tzur Jan 21, 2026
56f1e12
[ASIM] NetworkSession - NTANetAnalytics - SrcIpAddr can map to SrcIp …
yummyblabla Jan 21, 2026
dc6bfac
[ASIM] Authentication - Sshd Parser fixes (#13460)
yummyblabla Jan 21, 2026
32c5154
Merge pull request #13341 from chrisda/EOP-chrisda
v-dvedak Jan 21, 2026
1707e92
Filter out specific alert name from SecurityAlerts
hitem Jan 21, 2026
20f94a3
Update JudgementPandaExfilActivity.yaml
v-sabiraj Jan 21, 2026
27c71a9
Update SUNSPOTHashes.yaml
v-sabiraj Jan 21, 2026
451587e
Update LocalDeviceJoinInfoAndTransportKeyRegKeysAccess.yaml
v-sabiraj Jan 21, 2026
1fd3bb3
Update MITRE technique and add reference link
v-sabiraj Jan 21, 2026
26cd422
Adding logo inside Workbooks folder
Jan 21, 2026
40ab9cd
fix(TacitRed-SentinelOne): Fix playbookContentId for Content Hub loading
mazamizo21 Jan 21, 2026
592d8f9
fix(TacitRed-SentinelOne): Remove orphaned Playbooks variable
mazamizo21 Jan 21, 2026
4b93f24
feat(TacitRedThreatIntelligence): Add workbook metadata entry per rev…
mazamizo21 Jan 21, 2026
fde00ff
Based on confirmation from Microsoft team, remove playbook GetProofpo…
Jan 21, 2026
001f62b
Merge pull request #13480 from Azure/v-sabiraj-updatinglinksforrules
v-sabiraj Jan 21, 2026
fbd8934
feat(TacitRedThreatIntelligence): Add preview images to workbook folder
mazamizo21 Jan 21, 2026
1a38f46
Update Teams hunting queries to version 1.0.0
v-sabiraj Jan 21, 2026
2f2dea3
repackage
chkp-jkohn Jan 21, 2026
df07610
Update Salesforce data connector instructions to include Shield Event…
destinywu Jan 21, 2026
e7a0ed6
Add files via upload
RamboV Jan 21, 2026
6b34330
update readme.md for JoeSandbox URL Analysis Playbook
RamboV Jan 21, 2026
9c0913e
Add files via upload
RamboV Jan 21, 2026
8883b92
Revise readme.md for JoeSandbox File Analysis Playbook
RamboV Jan 21, 2026
b790d3c
Update mainTemplate.json and package for XDR solution
v-shukore Jan 22, 2026
e538467
Fix syntax in mainTemplate.json parameters
v-shukore Jan 22, 2026
5a70666
Update ReleaseNotes.md
v-shukore Jan 22, 2026
73d79d1
Merge branch 'master' into v-shukore/MS-Defender-XDR
v-shukore Jan 22, 2026
a5622a2
Update ReleaseNotes.md
v-shukore Jan 22, 2026
6a7dbce
Merge pull request #13464 from chkp-jkohn/connector-fixes
v-atulyadav Jan 22, 2026
2b573d2
Merge pull request #13205 from Azure/v-shukore/MS-Defender-XDR
v-atulyadav Jan 22, 2026
ba96ec8
Update DomainEntity_SecurityAlert.yaml
v-shukore Jan 22, 2026
39d5665
Update Threat Intelligence solution templates
v-shukore Jan 22, 2026
8224700
Update BasePath in Solution_JoeSandbox.json
v-maheshbh Jan 22, 2026
d04dc50
chore: Update Solutions Analyzer CSV files and documentation (#9)
github-actions[bot] Jan 22, 2026
7dcb5fd
Revert "chore: Update Solutions Analyzer CSV files and documentation …
v-maheshbh Jan 22, 2026
24fc642
Update SUNSPOT and Sigma rule references in XDR package
v-sabiraj Jan 22, 2026
750e74c
Merge pull request #12801 from RamboV/master
v-dvedak Jan 22, 2026
9be8a9a
Update 3.0.13.zip
v-sabiraj Jan 22, 2026
0810ba4
Bump azure-core
dependabot[bot] Jan 22, 2026
8daf5ce
Merge branch 'master' into pr/13479
v-shukore Jan 22, 2026
2eda7ac
Update Cisco Meraki Custom connector deployment references and API e…
v-kasghosh Jan 22, 2026
a192a38
Move SecOps workbook images to Preview folder
v-maheshbh Jan 22, 2026
7cb12c3
Update release notes
kingwil Jan 22, 2026
157cb5f
Update MITRE technique and fix SUNSPOT rule descriptions
v-sabiraj Jan 22, 2026
555793a
Merge branch 'master' into pr/13268
v-maheshbh Jan 22, 2026
5d00a21
Revert "Zip File"
v-kasghosh Jan 22, 2026
16c4182
Update Meraki API endpoint in mainTemplate.json
v-kasghosh Jan 22, 2026
a00dedb
Updated solution description by eliminating legacy streaming text
v-rusraut Jan 22, 2026
248af01
Update SUNSPOTHashes.yaml
v-shukore Jan 22, 2026
995addc
Revert "feat(TacitRedThreatIntelligence): Add workbook metadata entry…
v-maheshbh Jan 22, 2026
9b84b57
Add TacitRed SecOps Workbook metadata
v-maheshbh Jan 22, 2026
0229a92
Merge pull request #13485 from Azure/v-sabiraj-updatingMicrosoftXDRules
v-atulyadav Jan 22, 2026
ea02cfd
Merge pull request #13488 from Azure/v-rusraut/AzureDevOps-Issue13179
v-atulyadav Jan 22, 2026
98d7653
Rename BeyondTrustPMCloud preview images
v-maheshbh Jan 22, 2026
74a3348
Add BeyondTrust logo SVG asset
v-maheshbh Jan 22, 2026
24d6a7e
fix(WorkbooksMetadata): Fix BeyondTrust preview image naming for CI v…
mazamizo21 Jan 22, 2026
c4e1baf
fix(TacitRed-SentinelOne): Add playbook metadata for Content Hub
mazamizo21 Jan 22, 2026
b64c1ae
fix(TacitRed-IOC-CrowdStrike): Add playbook metadata for Content Hub
mazamizo21 Jan 22, 2026
a5aff40
Revert BeyondTrust metadata fix per Microsoft request
mazamizo21 Jan 22, 2026
ed5623e
Merge pull request #13489 from Azure/v-maheshbh/BeyondTrustPMCloud
v-atulyadav Jan 22, 2026
d40398c
Merge branch 'master' into pr/13268
v-maheshbh Jan 22, 2026
1860b7f
flare solution 3.0.0
Dec 15, 2025
e920c5e
[ASIM] Authentication M365Defender - Parser Fixes (#13441)
yummyblabla Jan 22, 2026
5729e5a
[ASIM] Authentication - Palo Alto Cortex data lake parser edits (#13410)
yummyblabla Jan 22, 2026
cad9219
Correct Tenable_IE_CL table references in data connector configuration
v-dhbedu Jan 22, 2026
f861496
[ASIM] Authentication su parser fixes (#13453)
yummyblabla Jan 22, 2026
77673cf
Update empty custom parsers (#13494)
yummyblabla Jan 22, 2026
d36303c
Merge pull request #13487 from Azure/v-kasghosh/issue_number/13466
v-dvedak Jan 23, 2026
7a9be02
repackaged
v-atulyadav Jan 23, 2026
f8b42b7
Update TacitRed-SentinelOne solution metadata and templates
v-shukore Jan 23, 2026
da793d6
Merge pull request #13400 from mvang-quokka/fix-quokka-ccf-connector
v-atulyadav Jan 23, 2026
8fe092b
Merge pull request #13481 from destinywu/feature/destinywu/salesforce…
v-dvedak Jan 23, 2026
2e7b385
Update release notes for SOC Handbook and SOAR Essentials
v-sabiraj Jan 23, 2026
b4a737b
Merge branch 'master' into dependabot/pip/Solutions/WithSecureElement…
v-atulyadav Jan 23, 2026
a0c1fc3
Merge pull request #13498 from Azure/v-sabiraj-updatereleasenotes
v-sabiraj Jan 23, 2026
8372f5c
Merge branch 'master' into pr/13415
v-maheshbh Jan 23, 2026
4ed47af
Merge pull request #13301 from Flared/release/2.2.0
v-atulyadav Jan 23, 2026
6633978
Update ReleaseNotes.md
v-shukore Jan 23, 2026
c6f0493
Merge pull request #13479 from hitem/patch-2
v-atulyadav Jan 23, 2026
e527988
Merge pull request #13458 from mhebrard-bigid/bigid-update-publisherid
v-dvedak Jan 23, 2026
a5a4bf0
fix(TacitRed-IOC-CrowdStrike): Apply reviewer's playbook metadata pat…
mazamizo21 Jan 23, 2026
7f2e92d
fix(TacitRed-IOC-CrowdStrike): Update release notes format per review…
mazamizo21 Jan 23, 2026
f99666b
features enhanced
MartinPankraz Jan 23, 2026
a4e80a8
Fix TacitRed CCF connector data ingestion
mazamizo21 Jan 23, 2026
3919f99
Add dependson for deployments to prevent deployment errors (#13495)
yummyblabla Jan 23, 2026
f425a38
Merge branch 'dhanu-CCFConnectors' of https://github.com/dhanunjaya10…
v-dhbedu Jan 23, 2026
4a9bf6d
Removing the changes added to this file as they are not a part of Ten…
v-dhbedu Jan 23, 2026
be67e20
Restore top-level deployment resources after V3 packaging
mazamizo21 Jan 23, 2026
40ba25d
Improve Instructions part of the connector UI with more InfoMessage
Jan 26, 2026
d1d6c4b
update version in logs
Jan 26, 2026
9f5ca68
[Crowdstrike solution] - refresh API Connector with Cases data type a…
Jan 27, 2026
ba569a2
Merge pull request #13269 from Data443/feature/tacitred-crowdstrike-ioc
v-atulyadav Jan 27, 2026
015e58d
Merge pull request #13267 from Data443/feature/tacitred-sentinelone-v1
v-dvedak Jan 27, 2026
7623308
updating release notes
Jan 27, 2026
51e9047
feat(CyrenThreatIntelligence): Version 3.0.1 - Auto-connect and cost …
mazamizo21 Jan 27, 2026
771cd9f
Revert "chore: Update Solutions Analyzer CSV files (#4)"
v-shukore Jan 27, 2026
28a046e
Revert "chore: Update Solutions Analyzer CSV files (#5)"
v-shukore Jan 27, 2026
b8d1afe
fix(CyrenThreatIntelligence): Reduce queryWindowInMin from 240 to 15 …
mazamizo21 Jan 27, 2026
4baada3
Merge pull request #13504 from srikarshastry/feature/srsistla/crowdSt…
hassanchawiche Jan 27, 2026
66da3f4
fix: Restore 3.0.0.zip per MS reviewer request (keep both versions)
mazamizo21 Jan 27, 2026
5e776b8
Merge pull request #13502 from TwistedAlex/OCIInfraConnectorInstructi…
hassanchawiche Jan 27, 2026
6063c01
Bump Threat Intelligence solution to version 3.0.13
v-sabiraj Jan 27, 2026
2e6f90e
fix(TacitRedThreatIntelligence): Add preview images to Workbooks/Imag…
mazamizo21 Jan 27, 2026
8ac6735
Remove unused management variable from mainTemplate.json
v-sabiraj Jan 27, 2026
bb0b45e
Revert "fix(TacitRedThreatIntelligence): Add preview images to Workbo…
mazamizo21 Jan 27, 2026
104aaf2
fix(TacitRedThreatIntelligence): Revert preview images and reduce que…
mazamizo21 Jan 27, 2026
141a490
fix(TacitRedThreatIntelligence): Update Package with queryWindowInMin…
mazamizo21 Jan 27, 2026
28a81b3
fix(CyrenThreatIntelligence): Add missing auto-connect resources to PR
mazamizo21 Jan 27, 2026
fd6ca07
fix(CyrenThreatIntelligence): Update queryWindowInMin to 120 per MS r…
mazamizo21 Jan 27, 2026
524e7ec
Update ReleaseNotes.md
v-sabiraj Jan 27, 2026
c006e7a
Merge pull request #13506 from Azure/v-sabiraj-TInewpackageupdate
v-dvedak Jan 27, 2026
1cd681d
fix(TacitRedThreatIntelligence): Remove top-level DCE/table/DCR resou…
mazamizo21 Jan 27, 2026
0b3e674
fix(TacitRedThreatIntelligence): Remove tacitRedApiKey from createUiD…
mazamizo21 Jan 27, 2026
b470f59
Merge pull request #13499 from MartinPankraz/pr-13367
v-atulyadav Jan 27, 2026
0c09525
Update ReleaseNotes.md
v-shukore Jan 27, 2026
eafa31f
fix: Update DCR transform to properly parse TacitRed API response
mazamizo21 Jan 27, 2026
cebdaff
fix: Update poller config to match working deployment
mazamizo21 Jan 27, 2026
d567079
fix(CyrenThreatIntelligence): Remove top-level standalone resources p…
mazamizo21 Jan 27, 2026
163b296
Merge pull request #13268 from Data443/feature/tacitred-ccf-hub-v2
v-dvedak Jan 27, 2026
4f2f2d5
fix(CyrenThreatIntelligence): Keep only 3.0.1.zip and add release notes
mazamizo21 Jan 27, 2026
d67a836
fix: Restore 3.0.0.zip from upstream (unchanged from master)
mazamizo21 Jan 27, 2026
93d9d28
fixes WindowsAuditChecker workbook intro
Jan 27, 2026
639be0b
Update zip package
nitsan-tzur Jan 27, 2026
4306c7a
[ASIM] AuditEvent - AzureAdminActivity Parser changes (#13419)
yummyblabla Jan 27, 2026
ba37fd5
Merge pull request #13477 from nitsan-tzur/cyberark_epm_patch
v-atulyadav Jan 28, 2026
790920b
Merge pull request #13490 from shubhangipagar-gh/removeTapPlaybookGet…
v-dvedak Jan 28, 2026
a49bc24
Merge pull request #13505 from Data443/feature/cyren-v3.0.1
v-atulyadav Jan 28, 2026
c073d40
Update ReleaseNotes.md
dhanunjaya1054 Jan 28, 2026
9a3f1da
Merge pull request #13493 from dhanunjaya1054/dhanu-TenableConnector
v-dvedak Jan 28, 2026
c64cc2a
Merge pull request #13507 from secpfe/master
v-dvedak Jan 28, 2026
90468ae
Release Windows Security Events Solution v3.0.11
v-sabiraj Jan 28, 2026
40eff71
Update ReleaseNotes.md
v-sabiraj Jan 28, 2026
b0d6ac2
Merge pull request #13511 from Azure/v-sabiraj-windowssecurityevents
v-rusraut Jan 28, 2026
57187d7
Merge pull request #13415 from fenil-savani/Corelight-AWS-VPC-Flow-Wo…
v-atulyadav Jan 28, 2026
dd7f19d
Updated The Non Domain Controller Active Directory Replication Analyt…
v-kasghosh Jan 28, 2026
2688e86
Updated the analytic rule version
v-kasghosh Jan 28, 2026
1a159d6
Merge pull request #13486 from Azure/dependabot/pip/Solutions/WithSec…
v-atulyadav Jan 28, 2026
1300b55
Delete update-solutions-analyzer.yml
oshezaf Jan 28, 2026
29117f8
Parameterize ProjectId and ZoneId in mainTemplate.json
v-shukore Jan 28, 2026
f79508e
Merge pull request #13515 from Azure/v-shukore/GCPAL
v-atulyadav Jan 28, 2026
17205b1
Merge pull request #13513 from Azure/v-kasghosh/issue_number/12327_v2
v-sabiraj Jan 28, 2026
13b2065
Merge pull request #13514 from Azure/remove-solution-analyzer-workflow
oshezaf Jan 28, 2026
The diff you're trying to view is too large. We only load the first 3000 changed files.
2 changes: 1 addition & 1 deletion .github/workflows/ScanSecrets.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-depth: 10
- name: Secret Scanning
uses: trufflesecurity/trufflehog@main
with:
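Review bot: On the `fetch-depth` line, going from 0 to 10 leaves the Secret Scanning step that follows with only the last 10 commits, so a secret committed earlier in a longer PR branch and removed in a later commit falls outside the fetched history. For this workflow I would keep `fetch-depth: 0`, or fetch enough history to cover every commit in the PR. Separately, the context line `uses: trufflesecurity/trufflehog@main` tracks a moving branch; arm-ttk-validations.yaml in this same change pins checkout to a commit SHA, and the scanner deserves the same treatment.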
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/arm-ttk-validations.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
fetch-depth: 10
- shell: pwsh
id: step1
name: Identify Changes in PR
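Review bot: `fetch-depth: 10` carries no comment explaining why 10 is enough, and the next step is "Identify Changes in PR". If that step compares the branch against the base branch, a PR with more than 10 commits will not have the common ancestor in the fetched history and the comparison will fail or report the wrong file set. Either keep full history here, have the step fetch the base ref explicitly before it diffs, or add a comment stating what the step needs. The same applies to the identical 0 to 10 change in hyperlinkValidator.yaml.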
Expand Down
106 changes: 106 additions & 0 deletions .github/workflows/aws-s3-bundle-update.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
name: AWS-S3 DataConnector Bundle Auto-Update
run-name: Auto-updating AWS-S3 bundles for ${{ github.event.pull_request.head.ref }}

on:
pull_request:
branches:
- master
paths:
# Trigger when any of these files in AWS-S3 directory change
- 'DataConnectors/AWS-S3/*.ps1'
- 'DataConnectors/AWS-S3/*.py'
- 'DataConnectors/AWS-S3/*.md'
- 'DataConnectors/AWS-S3/CloudFormation/**'
- 'DataConnectors/AWS-S3/Enviornment/**'
- 'DataConnectors/AWS-S3/Utils/**'
# Don't trigger on zip file changes (to avoid recursion)
- '!DataConnectors/AWS-S3/*.zip'
# Don't trigger on bundle automation documentation changes (not bundled)
- '!DataConnectors/AWS-S3/BUNDLE_AUTOMATION.md'

# Allow manual workflow dispatch for testing
workflow_dispatch:

jobs:
auto-update-bundles:
# Security: Block workflow execution on forked repositories
if: ${{ !github.event.pull_request.head.repo.fork }}
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write

steps:
- name: Generate a token
id: generate_token
uses: actions/create-github-app-token@v1
with:
app-id: ${{ secrets.APPLICATION_ID }}
private-key: ${{ secrets.APPLICATION_PRIVATE_KEY }}

- name: Checkout PR branch with sparse checkout
uses: actions/checkout@v4
with:
token: ${{ steps.generate_token.outputs.token }}
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 2 # Just need HEAD and parent for git diff
persist-credentials: false # Security: Don't persist credentials after checkout
sparse-checkout: |
DataConnectors/AWS-S3
.script
sparse-checkout-cone-mode: false

- name: Restore bundling script from base branch
run: |
# Security: Use trusted script from base branch to prevent malicious PR modifications
# Fetch the base branch to ensure we have the reference
git fetch origin ${{ github.base_ref || 'master' }}:refs/remotes/origin/${{ github.base_ref || 'master' }}
git checkout origin/${{ github.base_ref || 'master' }} -- .script/bundleAwsS3Scripts.sh
chmod +x .script/bundleAwsS3Scripts.sh

- name: Check if auto-update needed
id: check_update
run: |
# Skip if this commit already updated bundles (prevent loops)
if git log -1 --name-only | grep -q "ConfigAwsS3DataConnectorScripts.*\.zip"; then
echo "skip=true" >> $GITHUB_OUTPUT
echo "Bundles already updated in latest commit"
else
echo "skip=false" >> $GITHUB_OUTPUT
fi

- name: Update bundles
if: steps.check_update.outputs.skip != 'true'
run: |
.script/bundleAwsS3Scripts.sh

- name: Commit updated bundles
if: steps.check_update.outputs.skip != 'true'
env:
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
run: |
git config --local user.email "action@github.com"
git config --local user.name "GitHub Action"

# Configure remote with token for push (needed due to persist-credentials: false)
git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${{ github.repository }}.git

# Stage zip files
git add DataConnectors/AWS-S3/ConfigAwsS3DataConnectorScripts*.zip

# Check if there are changes to commit
if ! git diff --cached --quiet; then
git commit -m "Auto-update AWS-S3 DataConnector bundles

- Updated ConfigAwsS3DataConnectorScripts.zip
- Updated ConfigAwsS3DataConnectorScriptsGov.zip
- Changes triggered by: ${{ github.event.pull_request.head.sha }}

[skip ci]"

git push origin ${{ github.event.pull_request.head.ref }}

echo "✅ Successfully updated and committed bundle files"
else
echo "ℹ️ No bundle changes detected"
fi
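Review bot: In the "Commit updated bundles" step, `git push origin ${{ github.event.pull_request.head.ref }}` expands the branch name into the script text before the shell parses it, in a job that holds a `contents: write` App token. Pass the ref through `env:` (for example `HEAD_REF: ${{ github.event.pull_request.head.ref }}`) and use it quoted as `"$HEAD_REF"`; the `git fetch`/`git checkout` lines that expand `github.base_ref` should get the same treatment. Second, `workflow_dispatch` is enabled but every reference to `github.event.pull_request.*` is empty on a manual run, so the checkout `ref` and the push target are both blank; either drop the manual trigger or add an input for the branch. Third, `git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@...` writes the token into the repository's git config, which is what `persist-credentials: false` on the checkout was meant to avoid; pass the URL on the push command only, or reset the remote afterwards. Also note that only `.script/bundleAwsS3Scripts.sh` is restored from the base branch while the sparse checkout takes all of `.script` from the PR branch, so anything else the script reads from that directory is still PR-controlled. Minor: `actions/create-github-app-token@v1` and `actions/checkout@v4` are tag-pinned here, whereas arm-ttk-validations.yaml pins checkout by SHA.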
12 changes: 11 additions & 1 deletion .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
strategy:
fail-fast: false
matrix:
language: [ 'javascript', 'python', 'ruby', 'actions' ]
language: [ 'javascript', 'python', 'ruby', 'actions', 'csharp' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'actions' ]
# Learn more about CodeQL language support at https://git.io/codeql-language-support

Expand All @@ -51,6 +51,16 @@ jobs:
# queries: ./path/to/local/query, your-org/your-repo/queries@main
queries: security-extended,security-and-quality

# ℹ️ Setup DotNet Versions to building C# projects
- name: Setup DotNet Versions
uses: actions/setup-dotnet@v5
with:
dotnet-version: |
6.0.x
7.0.x
8.0.x
9.0.x

# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
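Review bot: The new "Setup DotNet Versions" step has no `if:` condition in this hunk, so it installs four SDK lines for every entry in the language matrix, including the javascript, python, ruby and actions jobs that do not build C#. Add `if: matrix.language == 'csharp'` to the step. The comment above it should read "to build C# projects", and `actions/setup-dotnet@v5` differs from the `@v4` used in the validation workflows elsewhere in this change; align them or note why this one is newer.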
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/content-validations.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ jobs:
SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Only need HEAD and parent for git diff
- run: npm install -g npm@6.14.18;which npm;npm -v
- name: npm install
run: npm install
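Review bot: The comment on the added `fetch-depth: 2` states that HEAD and its parent are enough for `git diff`, but nothing in this hunk shows how the validation computes its diff. That assumption holds when the job checks out the PR merge commit and diffs it against its first parent; if the scripts compare against the base branch ref or a merge base, two commits will not contain it and changed files will be missed or the diff will fail. Please confirm against the validation scripts and say in the comment which comparison is relied on. The same change is repeated in the data-connector, detection, detection-template-schema, documents-link, json-syntax, kql, logo, non-ascii and playbook workflows, with the comment worded inconsistently ("Only need" vs "Need"); one wording throughout would be cleaner.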
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/data-connector-validations.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ jobs:
SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Need HEAD and parent for git diff
- run: npm install -g npm@6.14.18;which npm;npm -v
- name: npm install
run: npm install
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/detection-template-schema-validations.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@ jobs:
PRNUM: ${{ github.event.pull_request.number }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Need HEAD and parent for git diff
- name: Use .NET Core SDK ${{ env.dotnetSdkVersion }}
uses: actions/setup-dotnet@v4
with:
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/detection-validations.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ jobs:
SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Only need HEAD and parent for git diff
- run: npm install -g npm@6.14.18;which npm;npm -v
- name: npm install
run: npm install
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/documents-link-validation.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ jobs:
SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Only need HEAD and parent for git diff
- run: npm install -g npm@6.14.18;which npm;npm -v
- name: npm install
run: npm install
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/hyperlinkValidator.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
env:
GeneratedToken: ${{ steps.generate_token.outputs.token }}
with:
fetch-depth: 0
fetch-depth: 10
token: ${{ env.GeneratedToken }}
- shell: pwsh
id: step1
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/json-syntax-validation.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ jobs:
SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Only need HEAD and parent for git diff
- run: npm install -g npm@6.14.18;which npm;npm -v
- name: npm install
run: npm install
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/kql-validations.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@ jobs:
PRNUM: ${{ github.event.pull_request.number }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Need HEAD and parent for git diff
- name: Use .NET Core SDK ${{ env.dotnetSdkVersion }}
uses: actions/setup-dotnet@v4
with:
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/logo-validation.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ jobs:
SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Only need HEAD and parent for git diff
- run: npm install -g npm@6.14.18;which npm;npm -v
- name: npm install
run: npm install
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/non-ascii-validations.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@ jobs:
dotnetSdkVersion: 3.1.401
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Need HEAD and parent for git diff
- name: Use .NET Core SDK ${{ env.dotnetSdkVersion }}
uses: actions/setup-dotnet@v4
with:
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/playbook-validations.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ jobs:
SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2 # Only need HEAD and parent for git diff
- run: npm install -g npm@6.14.18;which npm;npm -v
- name: npm install
run: npm install
Expand Down