You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/whats-new.md
+9-9Lines changed: 9 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -41,15 +41,6 @@ UEBA behaviors can be enabled independently from UEBA anomaly detection.
41
41
42
42
For more information, see [Translate raw security logs to behavioral insights using UEBA behaviors in Microsoft Sentinel](../sentinel/entity-behaviors-layer.md).
43
43
44
-
### New detections for Sentinel solution for SAP BTP
45
-
46
-
This update expands [detection coverage for SAP BTP](../sentinel/sap/sap-btp-security-content.md#built-in-analytics-rules), strengthening visibility into high‑risk control plane, integration, and identity activities.
47
-
48
-
-**SAP Integration Suite**: Detects unauthorized changes to integration artifacts, access policies, JDBC data sources, and package imports that could enable data exfiltration or backdoors.
49
-
-**SAP Cloud Identity Service**: Monitors user deletions, privilege grants, and SAML/OIDC configuration changes that weaken authentication controls or create persistent access.
50
-
-**SAP Build Work Zone**: Identifies mass role deletions and unauthorized access to restricted portal resources.
51
-
-**SAP BTP Audit Logging**: Detects audit log ingestion gaps and disruptions that reduce security visibility and enable stealthy activity.
52
-
53
44
### Enable UEBA directly from data connector configuration (Preview)
54
45
55
46
You can now enable UEBA for supported data sources directly from the data connector configuration page, reducing management time and preventing coverage gaps. When you enable new connectors, you can onboard the data source to UEBA without navigating to a separate configuration page.
@@ -61,6 +52,15 @@ For more information, see:
61
52
-[Connect data sources to Microsoft Sentinel by using data connectors](configure-data-connector.md#enable-user-and-entity-behavior-analytics-ueba-from-supported-connectors)
62
53
63
54
55
+
### New detections for Sentinel solution for SAP BTP
56
+
57
+
This update expands [detection coverage for SAP BTP](../sentinel/sap/sap-btp-security-content.md#built-in-analytics-rules), strengthening visibility into high‑risk control plane, integration, and identity activities.
58
+
59
+
-**SAP Integration Suite**: Detects unauthorized changes to integration artifacts, access policies, JDBC data sources, and package imports that could enable data exfiltration or backdoors.
60
+
-**SAP Cloud Identity Service**: Monitors user deletions, privilege grants, and SAML/OIDC configuration changes that weaken authentication controls or create persistent access.
61
+
-**SAP Build Work Zone**: Identifies mass role deletions and unauthorized access to restricted portal resources.
62
+
-**SAP BTP Audit Logging**: Detects audit log ingestion gaps and disruptions that reduce security visibility and enable stealthy activity.
63
+
64
64
## November 2025
65
65
66
66
### New Entity Behavior Analytics (UEBA) experiences in the Defender portal (Preview)
0 commit comments