Oort is now part of Cisco  |  Learn more

email@example.com
Try it free
I'm trying to
Detect & Respond to Identity Threats
Clean up IAM Hygiene with Robust analytics
Understand MFA usage and Adoption
Manage My Identity Security Posture
Provide a Layer of Security for SSO
My role is
CISO
IAM Team
Security Team
IT Help Desk
SOC Team
Back

Weekly Release Notes: Week 12, 2023

Summary

While some of our team were at Gartner IAM and SecureWorld Boston last week, the Oort Identity Security Platform continued to grow! This week, you’ll benefit from new dashboard updates, extra IP-based context, and a new check that helps to ensure your Salesforce is tied to your SSO.

📈 Dashboard Updates

Since we released the Identity Security Dashboard last week, we’ve already been busy taking your feedback on board and adding new components. This week, you’ll notice two main updates: 

1. Sensitive Application Activity. Within the initial dashboard release, we displayed the least used applications. In this release, we’ve included a specific component for sensitive application activity. This displays the distribution of assigned accounts using and not using the application. Given that these applications are sensitive, access should be reassessed if many assigned accounts are not using the applications.

Oort-1-Mar-27-2023-03-36-40-5403-PM

2. Monthly Sign-In Activity. Several of our checks provide insights into IP probing and password spraying attacks. When you’re trying to understand what “normal” looks like, it can be helpful to have a month-to-month baseline of successful and unsuccessful login attempts. This new component visualizes failed and successful login activity on a monthly basis. 

Oort-2-Mar-27-2023-03-37-21-3409-PM

Furthermore, for those who love the dashboard and want to land on it by default with every log-in, you can change your settings in Tenant Settings - Landing Page. 

Oort-2B

✅ Ensure Salesforce Access is Through SSO

Over the past few months, we’ve been releasing more and more ways to understand risks associated with Salesforce access. For example, several weeks ago, we released the ability to detect when Salesforce logins bypass SSO.

When companies enforce SSO for Salesforce, this should ensure that users can no longer access the application with a username and password. 

In our latest release, we have a new check to detect that these settings are in place - “Direct Log On to Salesforce Settings.” This check will detect if there is still an option to sign in with a username and password. 

Oort-3-Mar-27-2023-03-38-39-6282-PM

🌐 More IP Info in Networks

We’re frequently updating our User 360 profiles so that you have the richest context for every identity in your population. Within the Networks section of the user profile, we have added context on IP addresses that will be helpful in an investigation. To access this context, simply click on the relevant row, and a side panel will appear with information on the ASN, ASN Domain, ASN Name, ASN Type, and ASN Country.

Oort-4-1

Bug Fixes and Minor Improvements

  • Disabled users. We will no longer evaluate checks for disabled users.
  • Azure Blocked Requests. We now recognize blocked requests from Azure Active Directory. 

Recent Blogs

Weekly Release Notes: Week 17, 2024

User Linkage Suggestions 

This week, we’re excited to introduce User linkage Suggestions withintrue

Read more

Weekly Release Notes: Week 16, 2024

New Okta Workflow Connector

We’re thrilled to announce that our Okta Workflow Connector is now livetrue

Read more