CTERA Solution for Azure Sentinel

[roberteliass]

Required items, please complete

Change(s):
Updated files:

• Analytic Rules
  • RansomwareUserBlocked.yaml
  • RansomwareDetected.yaml
• Data
  • Solution_CTERA.json
• Data Connectors
  • CTERA_Data_Connector.json
• Hunting Queries
  • MassAccessDenied.yaml
  • MassPermissionChanges.yaml
  • MassDeletions.yaml
• Package
  • mainTemplate.json
  • createUiDefinition.json
• Workbooks
  • CTERA_Workbook.json
• ReleaseNotes.md
• SolutionMetadata.json

Reason for Change(s):

• These updates include enhancements to the overall structure, improved detection capabilities, and better integration with the CTERA solution. Bug fixes and optimizations. Resolves validation issues encountered in prior submissions.

Version Updated:

• yes
• Version field updated for Detections/Analytic Rule templates.

Testing Completed:

• Tested in Microsoft Sentinel environment without custom parsers, functions, or tables.
• Validated functionality and ensured proper syntax execution.

Checked that the validations are passing and have addressed any issues that are present:
- Yes, validation checks were run, and all identified issues were addressed.