Week 24, 2023

Welcome to the latest release notes for Oort! We have some great new features, integrations, and improvements to share with you. Let's dive right in:

πŸ€– Improved Identification and Monitoring of Salesforce Service Accounts

Service accounts are user accounts utilized by applications and automated processes for machine-to-machine communication, providing necessary access privileges. However, if not appropriately managed, service accounts can introduce security vulnerabilities that require clear ownership and control for effective mitigation. For detailed insights into best practices for managing and protecting service accounts, we recommend reading our recent blog post: Best Practices for Managing & Protecting Service Accounts

Unfortunately, many organizations lack visibility into the number of service accounts in their environment and the actions performed by these accounts.

With the latest integration of Oort and Salesforce, you now have the ability to easily filter and identify service accounts within Salesforce. This integration enables Oort to track interactive logins associated with service accounts, expanding the sources for detection and monitoring.

βš™οΈ New Integration with GitHub (Beta)

In addition to traditional identity providers, Oort also enables you to integrate with other applications that hold unique and helpful data about identities. For example, this includes Google, Salesforce, and Slack. In this release, we’ve added another integration – GitHub.

GitHub accounts are frequently targeted by malicious actors seeking to exploit vulnerable accounts. Recognizing the significance of GitHub as a valuable source of identity data, we have included it as a key integration in this release. By combining insights from GitHub with other platforms, you can gain comprehensive visibility into identity-related information.

Currently in beta, our GitHub integration allows you to monitor four crucial checks:

  1. No MFA (Multi-Factor Authentication)

  2. Inactive Accounts

  3. Inactive Guest Accounts

  4. Admin Role Assigned to User

We will continue to expand the capabilities and coverage of this integration in the future, so stay updated for more features!

To set up the GitHub integration, simply navigate to the Integrations section and select "Add Integration." Please note that a GitHub Enterprise license is required for this integration.

βš™οΈ Introducing Push Notifications for Identity Verification

We have noticed a growing adoption of the Oort dashboard by IT help desk teams in recent months. The User360 profiles in Oort provide valuable context on each identity, making them highly effective in verifying user identities before performing actions like password or MFA resets.

In this latest release, we have introduced a new feature specifically for this purpose - "Send Push Verification." By clicking this action, you can now send a push notification to the user in question, prompting them to verify their identity. Once they successfully accept the verification, you will be able to view their response directly within the Oort dashboard. Please note that this functionality is currently available for the Duo integration.

πŸ”— Filter by Linked Users

Last week, we announced a new capability that enables you to link accounts to one another. In this release, we’ve added a β€œLinked Users” filter to the main Users page, enabling you to easily filter by those accounts that have linked accounts associated.

Bug Fixes and Minor Improvements

  • Auth0. All Auth0 user accounts are displayed in the User360 profiles.

  • Azure AD License. Azure AD provider details card now includes license assignment states.

  • Disabled Integrations Banner. If collection for any of your integrations is disabled, a banner will be displayed at the top of the page to make that clear.

  • Error Handling. If you do not have permission to perform a specific action, this will now be clearly displayed.

Last updated