We’re excited to present the latest product update for Feb’24. Our engineering, product, and product design teams have worked relentlessly to introduce new features and enhancements to all our products, including Access Intelligence, Access Monitoring, Access Reviews, and Lifecycle Management. We’ve also added new Integrations and hardened existing integrations to support a growing range of customer environments and identity security use cases (ISPM, ITDR, CIEM, Next-Gen IGA, Cloud / Data / SaaS PAM).
At a glance, the changes include:
- Access Reviews: Usability enhancements, including enhanced terminology, better visibility into access review decision history, and support for editing saved Access Review configurations.
- Access Intelligence: Faster time-to-value with new Out-Of-The-Box(OOTB) dashboards for tailored insights into Snowflake and Salesforce authorization.
- Lifecycle Management: Enhanced ability to review past event logs and pending provisioning or de-provisioning actions.
- Platform: Added support for creating team-scoped API keys for programmatic access by non-root team members.
Below are detailed updates for each product area:
Access Intelligence
- Access Monitoring for Okta (CIEM, ITDR): Access Monitoring is now available for the Okta integration. You can use the Access Monitoring page or Query Builder to review dormant access and unused entitlements for Okta users, based on their actual access of Okta apps, AWS S3 buckets, or AWS Secrets Manager secrets.
- Saved Query Filter and Attribute-based Filter Combinations: Query Builder search can now use combinations of attribute-based filters and Saved Query filters.
- Snowflake Data Governance Dashboard: OOTB Snowflake insights are now available, including inert users, roles, role access, and least-privilege anti-patterns.
- Salesforce / SaaS Access Security Dashboard: A new OOTB dashboard for Salesforce is added, including analysises of Salesforce users, privileged access, and profile/permission set.
- Jira Alert Details: Direct issue links for associated Jira Orchestration Actions now appear on the Alerts page for improved tracking and remediation.
- Expanded View of Per-Query Risk Trend Line: You can now click for an expanded view of change trend line over time on the Risks > Queries with Risks page.
Access Reviews
- Terminology: Updated terms from Workflow to Review Configuration and from Certification to Review for clarity and consistency.
- Access Intelligence Automation: Added informational columns for visibility into accepted or rejected decisions based on Intelligent Automation for Access Reviews.
- Edit Review Configuration: Access Review owners can now edit existing Review Configurations to update the query, orchestration actions, and settings for reminder email and notification.
- Action Log in PDF Exports: You can now include decision history for each row as an optional column when exporting a Review to PDF.
- Access Review Audit Trail: Reviews now include optional columns indicating the reviewer who made the decision and the decision time.
Lifecycle Management
- Event Log Filtering: You can now filter the list of provisioning or de-provisioning events by user name and event type.
- Pending Tasks: You can now preview jobs queued for execution based on provisioning policies.
Veza Integrations
- Oracle Fusion Cloud: New integration where Veza discovers users, role assignments, permissions, and Security Contexts.
- Jira Data Center: New integration where Veza discovers projects, users, groups, and roles for Jira Software Data Center.
- Okta Group Rules: Added support for Okta group rules which grant permissions based on user attributes or group memberships.
- Box Effective Permissions: Improved visibility into effective permissions for Box roles.
- AWS Identity Center Account-level Permission Sets and Role Trust Policy Evaluation: Improved the evaluation of IAM Role trust policy for AWS Permission Set assignments and cross-account role assumption.
- LastPass Roles: Added support for user and folder roles based on sharing settings in LastPass.
- Coupa User Attributes: Added more filterable attributes for Coupa users.
- GitHub SAML Name IDs: Added support for the
saml_name_id
user attribute for Custom Identity Mappings. - Okta App Status: Added the
status
attribute for Okta App entities, indicating if an app is active. - Microsoft Azure Role Assignment Details: Added additional scope attributes for Role Assignment entities in System query mode for Microsoft Azure.
Veza Platform
- API keys for Non-Root Teams: Users can now create API Keys scoped to their non-root team role. In the API Keys page, one can see a list of all keys available for the user’s active teams.
Your feedback is invaluable, and we’d love to hear from you at support@veza.com.