Console
What's new
Policy
-
New Linux Attributes: Added the following Linux attributes to policy rules:
-
OS Version:
-
File Exists:
-
Installed Security Software:
-
- New Authentication method: Added “Manual Link Copy” as an Authentication Method for transactions.
Events
-
[BIT-1741] New “flow_type” event: If you've created policy rules for Authentication that use an Authentication Method, we’ve added "flow_type" to data in USER_AUTHENTICATION events.
The following authentication flow types detected are:
- localhost
- embedded
- scheme
- pipe
- roamingAuth
- copy
- universalLink
- androidAutofill
- androidAccessibility
Risk signals
The following table describes new risk signals that have been published. For more information, see Risk Signals and Policy Configuration.
Signal Name | Applicable OS | Description |
Antivirus off |
macOS |
Checks whether the authenticating device has antivirus disabled. Example usage in policy |
Firewall off |
macOS |
Checks whether the authenticating device has a disabled firewall. Example usage in policy |
Launch mechanism insecure |
All |
Checks whether authentication uses a launch mechanism without origin information. The following authentication flow types trigger detections:
|
Comments
0 comments
Please sign in to leave a comment.