Abnormal now offers a new native connector for Microsoft Sentinel that supports near real-time ingestion of Abnormal events. Built on Microsoft’s Codeless Connector Framework (CCF), the new push-based connector replaces the legacy Azure Function-based integration and provides a more seamless deployment experience for security teams.
With this release:
Send Abnormal security events to Microsoft Sentinel in near real time
Improve visibility across Abnormal and Microsoft Sentinel
Reduce delays associated with the legacy connectors
This update ensures continued support for Microsoft Sentinel ahead of Microsoft's end-of-support deadline for the HTTP Data Collector API on September 14, 2026, and improves the timeliness of event delivery through a modernized integration framework.
