Elements Identity Security Changelog
For the most recent updates, please click here to see the most recent changelog (only accessible for logged-in users).
To stay updated on future changes, we recommend bookmarking the discussion. Follow the steps outlined here to learn how to bookmark the discussion and be notified of any updates.
Comments
-
- The portal admins can now see the security events related to Identity BCDs and their detail
- You can also create email notifications for these events, by creating a view that filters events based in the Source as ‘Identity Security’. Once you configure an email report based on this view, you can receive email notifications on continuous frequency for the Identity events
- The admin can perform similar actions on these events as they do for other events like 'Acknowledge', 'Show all target events', 'Show all similar events'
0 -
Updates to Sign-in Detection Model
- Enhanced Location Context: We've improved our model to better recognize regular locations, reducing false alerts for impossible travel on a user-by-user basis.
- VPN Awareness: Our model now has enhanced detection for both personal and corporate VPNs. This improvement helps reduce false positives caused by VPN usage, which can make it appear as though you are signing in from a new location when, in fact, you are not. By recognizing VPN patterns, the model can more accurately determine your true location and reduce unnecessary alerts
Reducing Noise in Risk Sign-in Reports (for customers with P2 license)
- Fewer Unactionable Alerts: We've removed alerts with too many anomalies that don't require action, making it easier to focus on important issues.
- Suppressing Common Anomalies: We're now suppressing frequent anomalies from known sources to reduce unnecessary noise.
0 -
Exciting New Release: Identity Response Capability!
We are thrilled to announce a significant update to our detection and response product. This release introduces the Identity Response capability, designed to enhance your responsiveness to security incidents involving compromised users.
By configuring this new feature, Elements Cloud will integrate seamlessly with Microsoft Entra ID, enabling you to take swift action on affected users.
How to Set Up:
- Navigate to the Environment -> Cloud page.
- Go to the Detection and Response tab.
- Follow the instructions to configure the Identity Response capability. To assist you further, we have provided a helpful onboarding video to guide you through the process of onboarding.
Executing response actions could not be easier. Do this directly from the Identity Board Context Detections (BCDs), for quick, effective containment. The response actions included are:
- End the current user session
- Reset the users password
- Disable the users access
This capability helps prevent major impacts and stops attackers in their tracks.
0
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 1 Get Support