Week 39, 2023

In this week’s release, we’ve provided numerous shortcuts to save you time when investigating failing users.

⬇️Export Network Information of Users

User360 profiles provide the richest, deepest view into each of your identities. The Networks tab of the profile provides a view of all IP addresses associated with a given user. This context on IP addresses is extremely valuable for investigations.

In this release, we’ve added the option to download this table of associated IP addresses. Clicking this button will download the table as a CSV file, enabling you to use these insights in other platforms and tools.

🪪 Quickly Understand User Title Information for Failing Checks

For each check, we include explainability that helps you quickly extract the most important information. This data is displayed on the side drawer when you click on a user that is failing a check.

In this release, we’ve added “User Title” as a field for all checks, helping you to quickly understand if that behavior is expected with their role. Displaying this information clearly means you’ll save time digging through the user profile for this context.

The User Title is available in the Oort dashboard and now also in Slack notifications. This means you don’t even need to login to Oort to understand the user’s title.

⚠️ Easier Creation of Notification Workflows

Depending on the type of insight, you may want to be notified in a variety of different channels. Doing so ensures you can effectively respond and operationalize the insights. You can already define these within the check settings pages, but now you can quickly see which checks have notification targets already set up.

Within the “Report Channels” column of the Checks tab, those checks without notification channels will have an “Add” button. This will enable you to quickly set up where you want to send user failure notifications to. If you already have workflows setup, you will be able to view and edit these.

To further customize these notification settings, you can head to the check settings page. Here you can test and customize messages (including now for webhooks!).

Bug Fixes and Minor Improvements

• User 360 Charts. The timeframe for the chart has been reduced to 30 days, which is the intended behavior.

• Impossible Travel. Improved false positive rate for the Impossible Travel check.