diff --git a/contentctl.yml b/contentctl.yml
index b1cd870f86..04b58a2621 100644
--- a/contentctl.yml
+++ b/contentctl.yml
@@ -185,9 +185,9 @@ apps:
 - uid: 6207
   title: Splunk Add-on for Microsoft Security
   appid: Splunk_TA_MS_Security
-  version: 2.4.1
+  version: 2.5.0
   description: description of app
-  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-security_241.tgz
+  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-security_250.tgz
 - uid: 2734
   title: URL Toolbox
   appid: URL_TOOLBOX
diff --git a/data_sources/ms365_defender_incident_alerts.yml b/data_sources/ms365_defender_incident_alerts.yml
index 4f6665ecbc..81bc243003 100644
--- a/data_sources/ms365_defender_incident_alerts.yml
+++ b/data_sources/ms365_defender_incident_alerts.yml
@@ -16,7 +16,7 @@ sourcetype: ms365:defender:incident:alerts
 supported_TA:
 - name: Splunk Add-on for Microsoft Security
   url: https://splunkbase.splunk.com/app/6207
-  version: 2.4.1
+  version: 2.5.0
 fields:
 - actorName
 - alertId
diff --git a/data_sources/ms_defender_atp_alerts.yml b/data_sources/ms_defender_atp_alerts.yml
index f7429f3de6..1655a48af7 100644
--- a/data_sources/ms_defender_atp_alerts.yml
+++ b/data_sources/ms_defender_atp_alerts.yml
@@ -16,7 +16,7 @@ sourcetype: ms:defender:atp:alerts
 supported_TA:
 - name: Splunk Add-on for Microsoft Security
   url: https://splunkbase.splunk.com/app/6207
-  version: 2.4.1
+  version: 2.5.0
 fields:
 - column
 - accountName