Duo Aliases on User Profile

We consistently strive to enhance the value of our integrations. In our last release, we introduced the ‘Policies’ data type for the Duo integration. In this release, we are providing visibility into the Duo Aliases on the User360 profile. This enhanced visibility enables Duo customers to interact more effectively with Oort search functionality based on the Duo aliases you currently engage with within the Duo platform continuing to foster a more seamless integration experience.

This added functionality also enables you to search the Duo alias within the Oort Platform. As illustrated below, in advanced search mode, entering the query ‘integrationInstanceDetails.userKey.keyword:/.*karsch.*/’, populates the user as it is an Alias on the Duo User360 profile card.

More advanced query examples like this one can be found in our Docs pages.

Account Inconsistency Status

In this release, we are enhancing the user inconsistency search parameter introduced in the last release. Seeing the ‘Inconsistent’ badge in the Oort platform informs you that we are seeing discrepancies across IdPs for a given user account. We analyze various factors to determine account inconsistencies such as employment status, whether the account is active or not, and Enablement status.

Having this insight enables you to more easily determine account status discrepancies that can pose a significant security threat like a user that is Deprovisioned in an HRIS system but still is active in your AD environment.

On the dashboard, you will now find ‘Inconsistent Users’ displayed on the ‘Identities’ card.

Clicking on the number from the dashboard will navigate you to the ‘Users’ tab, where you will see a filtered list based on the ‘Inconsistent’. Hovering over the ‘Providers’ will provide you with more insight into why the user is considered inconsistent. In the example below, the user is Active in one provider and Deprovisioned in the other.

Going into the User360 profile, you will also see the ‘inconsistent’ badge next to the user's registered location. Hovering over the badge will show you the same breakdown you saw on the ‘Users’ list. We have also included the ‘compiled’ status in the summary. In this case, the user is considered an ‘Unauthorized’ because they are not enabled in an HRIS system or one of the IdPs. They are considered an ‘Employee’ because an HRIS system is connected to the Oort platform.

Bug Fixes and Minor Improvements

• Group table sorting. Bug fix related to sorting on the groups table within the ‘Groups’ tab of the User360 when there are duplicate groups. You are now able to sort the despite having duplicate group names.

• Ellipsis to table cells. Bug fix related to not seeing ellipsis on the table cells where the cell is not wide enough to display the full text.

• Parenthesis on free text value. All advanced searches no longer need a parenthesis.