Oort is now part of Cisco  |  Learn more

email@example.com
Try it free
I'm trying to
Detect & Respond to Identity Threats
Clean up IAM Hygiene with Robust analytics
Understand MFA usage and Adoption
Manage My Identity Security Posture
Provide a Layer of Security for SSO
My role is
CISO
IAM Team
Security Team
IT Help Desk
SOC Team
Back

Weekly Release Notes: Week 22, 2023

Following an exciting week at Identiverse 2023, we’re starting off the week with a flurry of new capabilities. This week, our headline item is a new check for monitoring activity from untrustworthy Internet Service Providers (ISPs).

⚠️ Monitor Activity from Untrustworthy Internet Service Providers 

You may have noticed that we have recently put a lot of effort into adding more identity-related context from IP addresses. This has included adding in ASN (autonomous system number) data, such as ASN, ASN Domain, ASN Name, ASN Type, and ASN Country. 

You may want to track activity from ASN domains that are untrustworthy, which is exactly what we have introduced this week with the “Activities from untrustworthy ISP” check. This continuously monitors for successful logins from new ISPs that have a low trust score. New ISPs are those that have not been seen in the last 90 days, and the trust score is calculated from enrichment services and the Tranco Top 1M list.

image2-Jun-05-2023-01-59-56-7375-PM

image1-Jun-05-2023-01-59-56-6549-PM

📧 Wizer Security Awareness Videos Available in Check Notification Emails

We recently introduced Wizer security awareness videos into Oort checks. These videos have been available in the Oort Dashboard, as well as in Slack messages that go to impacted Users. Included short videos help the user to understand the associated security risk of their failed check, such as using weak forms of MFA.

Videos are now also available in email-based alerts, further enabling users and managers to understand the importance of identity security.

Bug Fixes and Minor Improvements

- Inactive guest account check. In addition to Azure AD, this check also covers Okta, Workday, and Slack accounts.
- Password expiration failure. Enhanced explainability to include the associated provider.
- RBAC roles. Role-based access controls now apply to Slack and Teams, so users without the appropriate permissions cannot mark checks as “normal behavior” or “interesting”.
- Observations “Expired” state. After seven days, Observations will show an “Expired” state. This will help to ensure you do not have stale failed event-based checks.
- Azure Factor History. New data displayed within User360 profiles to show the history of an MFA factors in Azure.

Recent Blogs

Weekly Release Notes: Week 16, 2024

New Okta Workflow Connector

We’re thrilled to announce that our Okta Workflow Connector is now livetrue

Read more

Weekly Release Notes: Week 14, 2024

User Overview User Integration Updates 

We are continually working to enhance the user experiencetrue

Read more