Cyderes incident

Azure Sentinel SIEM - Detection Rules

Minor Resolved

Cyderes experienced a minor incident on March 23, 2026 affecting Microsoft Sentinel and Third-Party Data Source, lasting 2d 1h. The incident has been resolved; the full update timeline is below.

Started: Mar 23, 2026, 07:02 PM UTC
Resolved: Mar 25, 2026, 08:03 PM UTC
Duration: 2d 1h
Detected by Pingoru: Mar 23, 2026, 07:02 PM UTC

Affected components

Microsoft Sentinel, Third-Party Data Source

Update timeline

  1. investigating Mar 23, 2026, 07:02 PM UTC

    We have identified a recent Microsoft parser change affecting Azure Sentinel that is impacting the performance and reliability of certain SIEM detection rules. Our team is actively working with Microsoft to validate the root cause and drive a permanent resolution. In parallel, we are working to implement temporary mitigations to restore detection coverage where impacted. We will continue to monitor the situation closely and provide updates as more information becomes available.

  2. identified Mar 24, 2026, 01:23 AM UTC

    Cyderes is continuing to work with Microsoft to implement a resolution. Cyderes has identified and developed custom parser configuration changes to address this situation and restore impacted detection coverage. These changes have been deployed and are under evaluation currently.

  3. monitoring Mar 25, 2026, 03:54 PM UTC

    Cyderes has developed custom parser configuration changes and has restored impacted detection coverage. These changes have been deployed and have been under evaluation for over 24 hours with no further issues identified. For this resolved matter, if you have any questions, please contact your Client Success Manager.

  4. resolved Mar 25, 2026, 08:03 PM UTC

    This incident has been resolved.