WithSecure incident

Microsoft Sentinel connector is not receiving security event data from WithSecure Elements

Minor Resolved View vendor source →

WithSecure experienced a minor incident on May 8, 2025 affecting Portal, lasting 6d 20h. The incident has been resolved; the full update timeline is below.

Started
May 08, 2025, 11:27 AM UTC
Resolved
May 15, 2025, 08:26 AM UTC
Duration
6d 20h
Detected by Pingoru
May 08, 2025, 11:27 AM UTC

Affected components

Portal

Update timeline

  1. investigating May 08, 2025, 11:27 AM UTC

    We are currently investigating an issue where the Microsoft Sentinel connector is not receiving security event data from WithSecure Elements. Affected are all customers using the Sentinel connector.

  2. identified May 12, 2025, 12:24 PM UTC

    We are in the process of releasing a new version that resolves this issue. This version is currently pending Microsoft approval. In the meantime, you can manually upgrade the WithSecure Elements API connector for Microsoft Sentinel (deployed from Azure Marketplace) by following these steps: Login to Azure CLI az login Download the Fixed Version of the Connector App from: https://github.com/WithSecureOpenSource/elements-api/releases/download/1.0.1/connector.zip Run the Function App Deployment (Modify the MyResourceGroupName and MyFunctionAppName as needed): az functionapp deployment source config-zip --resource-group MyResourceGroupName --name MyFunctionAppName --src ./connector.zip

  3. resolved May 15, 2025, 08:26 AM UTC

    This incident has been resolved.