The attack exploited previously exposed credentials and flaws in enterprises’ multi-factor authentication configurations.
The new engine could let enterprises retain more telemetry data for compliance and incident response at lower cost, although migration work and missing query support may slow adoption, analysts say.