Identity Security Insights 24.07 Release Notes

July 2, 2024

New Features

Via Path shows paths to privilege on the entitlements grid

A new column, Via Path, has been added to the Entitlements grid to illustrate potential paths to privilege between accounts. This helps administrators understand and mitigate possible security risks by showing direct relationships, like how jane@acme.com might escalate to john@acme.com.

This feature alerts administrators if a user’s account,which normally has limited access, has a path to high privilege through configuration oversight or other connections.

Entitlements grid, with new Via Path column highlighted.

Providers show in detections and recommendations

A new column, Providers, has been added to grouped view pages. This shows which providers are contributing to the alert, making it easier to manage security threats efficiently and effectively.

Grouped view page, with new providers column highlighted.

Enhancements

Insights collector enhancements

Optimized inventory collection for Active Directory: The frequency of inventory pushes has been adjusted from hourly to every two hours to enhance system performance and reduce data traffic.

Additional event collection: Four new events are collected, to identify additional possible concerns: Event IDs 4662, 4624, 5136, and 4742.

Additional saved filters

More saved filters have been added across several grids, providing administrators with a targeted view into dormant, privileged, unmanaged, under attack, and more. These filters help manage and bring visibility into quicker identification and response to potential security issues within your system. To access these filters, use the drop-down menu above your data grids.

Detections grid and Recommendations grids

  • Dormant privileged accounts
  • Privileged accounts
  • Unmanaged privileged accounts

Accounts grid

  • Dormant privileged accounts with recommendations
  • Privileged accounts under attack
  • Unmanaged privileged accounts
  • Unmanaged privileged accounts under attack

Entitlements grid

  • Dormant privileged accounts
  • Security posture needs improving

Examples of saved filters.

Azure Connector Enhancements

The Azure Connector is improved with three new permissions. The setup script has been updated, so a quick script run or manual tweak is all it takes to use these permissions.

  • DeviceManagementApps.Read.All
  • OnPremDirectorySynchronization.Read.All
  • RoleManagement.Read.All