Threat Intelligence Release 320
Updated over a year ago

Release Notes – USMA R320 | Oct 2024


New Elements

AR-11342 | New Rule: Domain Admins Group Added to Another Security Group

AR-11331 | New Plugin: Checkpoint Harmony Exceptions

AR-11326 | New Rule: Investigate Detection for Discovery of Bitlocker Features

AR-11322 | New Rule: IdP Audit CR - User Account Locked

AR-11303 | New Plugin: MailWatch

AR-11295 | New Rule: NPS User Lockout After Multiple Attempts

AR-11252 | New Rule: Kubernetes CronJob/Job creation

Improvements

AR-11276 | Plugin Improvement: Cloudflare - User role

AR-11352 | Plugin Improvement: Office 365 Audit - Improved Parsing - Multiple Events - Duplicate Parsing "Email_Recipient"/ "Source_Username" -> "Source_Userid"

AR-11338 | Plugin Improvement: Cisco ISE

AR-11335 | Plugin Improvement: IdP Audit Logs Improvements - Change Plugin Device

Fixes

AR-11353 | Rule Improvement: Trend Micro - Potentially Malicious Software or File Identified on Host - Should Use Action OR Event Outcome

AR-11347 | Plugin Improvement: Zscaler ZIA

AR-11343 | Rule Improvement: Cloudflare - Fix Dictionary Rule Pack

AR-11306 | Rule Improvement: Add Exclusion UserPrivilegeEscalation Rule
