Week 22, 2024
Last updated
Last updated
In this week’s release, we are introducing new data types and UI updates.
New data types have been added to Duo Settings - Policy Summary and Applications.
To help you dive deeper into policy analysis, we've added a policy summary data type. This means you can now easily collect and investigate detailed policy information, making it simpler to ensure compliance and strengthen your security posture.
To add these new data types, go to Integrations, find your Duo integration, select Edit Settings and navigate to Advanced Settings tab to select the Appliations and Policy Summary data types.
Sensitive applications also just got better! You can now include Duo applications in your tenant configuration's sensitive applications dropdown. To configure sensitive Duo applications, enable the Applications data type in your Duo integration, then go to Tenant Settings > Sensitive Applications.
This integration simplifies the management and configuration of sensitive apps, giving you better control over your security environment and insight into sensitive applications that are assigned to users but not in use, so that you can easily revoke access from those users.
We have also introduced a new data type to collect Azure Group Owners. We know how critical it is to keep track of group ownership. Our latest update helps you identify orphaned groups by collecting Azure group owner information. If a group owner leaves the company but isn’t deactivated, you’ll know. This reduces the risk of unmanaged, vulnerable groups, ensuring your teams and resources stay secure. To add this data type to collect this data, go to Integrations, find your EntraID integration, select Edit Settings and navigate to Advanced Settings tab to select the Group Owners data type
We’ve made it easier for you to integrate with Okta. The new Cisco Identity Intelligence – Read – Write Management API Service in Okta OM allows you to create an API Service application and share OAuth 2.0 credentials seamlessly. This update simplifies the integration process, helping you get up and running faster.
Location Fields Updated to Use IP Info Rather than Device Location. For more accurate location data, we’ve updated the fields to display the data from IPinfo, rather than device location. This ensures consistency across all widgets, giving you reliable data every time.
Fix: IPv6 Named Location Tagging. We’ve improved tagging for IPv6 events based on named locations. This fix reduces false positives in your event-based checks, ensuring more accurate monitoring and fewer unnecessary alerts. It’s all about making your job a little easier!
Removed "All" Period Option from Tenant Access Logs. To make log management more straightforward, we’ve removed the “All” period option from tenant access logs. Now, you can filter logs up to the last 6 months, ensuring you only see relevant data.
Bug Fix - Do Not Show Orphan Observations. We fixed an issue where orphan observations were displayed without related checks. Now, only relevant alerts are shown, reducing confusion and helping you focus on what matters.
Multiple Emails in Integration Notification Targets. You asked for more flexibility, and we listened. You can now enter multiple emails for integration notification targets, and we’ve added validation to prevent duplicate entries. This update ensures that the right people are notified, keeping your team in the loop.
"All" Option in Filters Always Shown. We’ve made the "All" option always visible in user filters. Some of you missed it because it was only shown on hover. Now, it’s always there, making filtering more intuitive and user-friendly.