Skip to main content

Jul 2, 2026

Microsoft Sentinel Integration Replacement

Abnormal now offers a new native connector for Microsoft Sentinel that supports near real-time ingestion of Abnormal events.

Abnormal now offers a new native connector for Microsoft Sentinel that supports near real-time ingestion of Abnormal events. Built on Microsoft’s Codeless Connector Framework (CCF), the new push-based connector replaces the legacy Azure Function-based integration and provides a more seamless deployment experience for security teams.

With this release:

  • Send Abnormal security events to Microsoft Sentinel in near real time

  • Improve visibility across Abnormal and Microsoft Sentinel

  • Reduce delays associated with the legacy connectors

This update ensures continued support for Microsoft Sentinel ahead of Microsoft's end-of-support deadline for the HTTP Data Collector API on September 14, 2026, and improves the timeliness of event delivery through a modernized integration framework.


Protect Against Evolving Email Threats

See how behavioral AI detects attacks that legacy defenses miss.