New Features

Allow & Block Lists Now Bi-Directional

You can now toggle your lists to ‘Allow’ or ‘Block’ certain email domains or browser types. Setting these lists will help security analysts quickly identify authentication behavior that is out of policy for your organization by failing its respective checks when any of the criteria are met.

Filter Panel Now Actionable

You can now take action to include or exclude filters from the side panel when viewing the Users list. This enables specific populations of users to be shown in the results without having to enter a query in the search bar.

Behavioral Check Failures Now Explained

You can now see the reason why a behavioral check failed. Navigate to any user, click the ‘Activity’ tab, then click the event in the table. The sidebar will open up with details of what behavior triggered the check failure.

▶️ EventHub Integration Now Available for Azure AD

You can now configure your Azure AD instance to utilize the EventHub streaming service. Using EventHub reduces the likelihood that your organization will hit any sort of rate limit when collecting logs. To enable EventHub, go to the “Integrations” tab, select your Azure AD instance, then click the “Event Streaming” tab. Enter your information and click Save.

Improvements

👌🏻Customers using OIE can now enable collections for “Devices” and “Authenticators”

👌🏻 The Identity Security Check for “Risky Parallel Sessions” has been optimized to remove obvious machine communications