Week 41, 2023
Come, gather, and read about all of Oortβs goodness weβre releasing to you this week!
β
Mark Individual Observations as Interesting
In last weekβs release, we introduced the concept of βobservationsβ that make up our Checks. For any check, there may be multiple observations made by Oort and you can view these within the User Profileβs Checks tab.
Typically, youβre able to βResolveβ the check for a user if you mark the check as normal behavior. However, given that there may now be multiple observations, you may wish to make some as normal behavior and others as not. With this release, you can give feedback for each observation to either βMark as interestingβ or βMark as normal behaviorβ. The check will only be resolved if you mark all observations as normal.
π―Access More Detail on User Activities
The Activity Tab in the User 360 profiles is one of the best places in the dashboard to investigate a user. In this table, you can scroll through a history of all events associated with that user, with each row displaying the most pertinent information for the event. Clicking into the row will give you access to the full, raw data behind the event.
With this release, weβve beefed up the context you see within the βTargetβ column of the table. This means that you can better identify the target application, group and other factors without clicking to view the raw data.
βοΈAdded Collection for Duo Advanced
Weβve added the Endpoints data type to our Duo integration. These endpoints refer to βthe laptops, desktops, tablets, mobile phones, and other devices where your end users access Duo protected applications and services, as well as 2FA Devices, which are the enrolled phones and other mobile devices where users approve Duo authentication requests.β These are all incredibly helpful data points to associate with your identities, and provide even greater visibility.
Duo Advanced customers will be able to access this data type. In Oort, this will be disabled by default, but you can enable it by going to Integrations - Duo - Edit Settings - Advanced Settings.
Bug Fixes and Minor Improvements
Exclamation Points in Webhook URLs. Exclamation points are now supported for the URL field in the Webhook settings. Go to Integrations - Webhooks to learn more.
Risky Sign In. The default ignore list for risky sign ins has been updated.
Last updated
