Week 41, 2023
Last updated
Last updated
Come, gather, and read about all of Oortโs goodness weโre releasing to you this week!
In last weekโs release, we introduced the concept of โobservationsโ that make up our Checks. For any check, there may be multiple observations made by Oort and you can view these within the User Profileโs Checks tab.
Typically, youโre able to โResolveโ the check for a user if you mark the check as normal behavior. However, given that there may now be multiple observations, you may wish to make some as normal behavior and others as not. With this release, you can give feedback for each observation to either โMark as interestingโ or โMark as normal behaviorโ. The check will only be resolved if you mark all observations as normal.
The Activity Tab in the User 360 profiles is one of the best places in the dashboard to investigate a user. In this table, you can scroll through a history of all events associated with that user, with each row displaying the most pertinent information for the event. Clicking into the row will give you access to the full, raw data behind the event.
With this release, weโve beefed up the context you see within the โTargetโ column of the table. This means that you can better identify the target application, group and other factors without clicking to view the raw data.
Weโve added the Endpoints data type to our Duo integration. These endpoints refer to โthe laptops, desktops, tablets, mobile phones, and other devices where your end users access Duo protected applications and services, as well as 2FA Devices, which are the enrolled phones and other mobile devices where users approve Duo authentication requests.โ These are all incredibly helpful data points to associate with your identities, and provide even greater visibility.
Duo Advanced customers will be able to access this data type. In Oort, this will be disabled by default, but you can enable it by going to Integrations - Duo - Edit Settings - Advanced Settings.
Bug Fixes and Minor Improvements
Exclamation Points in Webhook URLs. Exclamation points are now supported for the URL field in the Webhook settings. Go to Integrations - Webhooks to learn more.
Risky Sign In. The default ignore list for risky sign ins has been updated.
