What’s new
We have a new look!
Our new homepage breaks down your organization's risks by user and by passkey, so you can quickly identify the areas that need attention. It also shows the authentications blocked by your policy rules, giving you insight into how secure your organization really is and where a policy is still missing.
Want to learn more?
- Risk Signals & Policy Configuration - Describes the risks that display on this page and the policies you should set to block them.
- Understanding the Risk Dashboard - Describes how risk scores are calculated and how to get the most out of this feature.
Support for biometric/password during commit signing for GPG keys
You can now require that every commit be verified with biometrics (or a password) before it is signed, which prevents local malware from committing code and stops developers from bypassing hygiene and security controls.
Secure DevOps is an add-on for Secure Workforce. Contact your Account Representative to add this feature to your environment.
Want to learn more?
- SDO - Beyond Identity Authenticator commit/sign verification integration guide for GitHub
- SDO - Beyond Identity Authenticator commit/sign verification integration guide for AWS
- SDO - Beyond Identity Authenticator commit/sign verification integration guide for Azure DevOps
- SDO - Beyond Identity Authenticator commit/sign verification integration guide for GitLab
- SDO - Beyond Identity Authenticator commit/sign verification integration guide for Bitbucket
New Policy Attributes
For more information about policies, see How to define policies.
- [BIT-1182] We’ve added two new TPM policy attributes for Linux.
  - TPM is - Checks whether the authenticating Linux device has a TPM.
  - TPM version - Checks the version of the TPM on the authenticating Linux device.
- Device OS End-of-Life Attributes - Under device platform, the following new end-of-life policy attributes have been added to quickly identify unsupported OS build versions so you can reach out to employees and contractors to update their devices to the latest version.
  - Windows example:
  - macOS example:
- OS Vulnerability Attributes - Under device platform, the following new policy attributes have been added to identify the number of critical or high severity Common Vulnerabilities and Exposures (CVEs) affecting the device's OS.
  - Windows example:
  - macOS example:
- Launch mechanism insecure - Checks whether the authentication was launched through a mechanism that carries no origin information. The recommended action for each mechanism is:
  - Loopback (All platforms) - Applies to authentication via localhost. Set this transaction to Allow.
  - Embedded (Web Authenticator) - Applies to authentication via a web browser. Set this transaction to Allow.
  - App Scheme (All platforms) - Applies to authentication launched through the app identifier in a deep link. Set this transaction to Deny.
  - Pipe/COM (Windows) - Applies to authentication over a temporary connection between programs or commands. Set this transaction to Deny.
  - Roaming (All platforms) - Applies to authentications made from a secondary device that is enrolled with Beyond Identity. This option requires that Roaming Authentication is enabled. See Configure roaming authentication for more information. Set this transaction to Allow if you've enabled roaming authentication.
  - Copy/Paste (All platforms except Linux) - Applies to authentications where a link is manually copied and pasted to authenticate. Set this transaction to Deny.
  - Universal Link (iOS only) - Applies to authentications where a magic link is tapped to authenticate. Set this transaction to Deny.
  - Autofill (Android only) - Applies to authentications where credentials are passed in using the Android autofill feature. Set this transaction to Deny.
  - Accessibility (Android only) - Applies to authentications where an accessibility service, rather than the normal launch path, is used to launch the platform authenticator app. Set this transaction to Deny.
- No TEE - Checks whether the authenticating device does not have a TEE (Trusted Execution Environment, TPM, or Secure Enclave).
  - Windows example:
  - macOS example:
- Anomalous authentication interval - Checks whether the time between an authentication and the previous authentication by the same user is anomalously long, that is, more than 30 days (located under Behavior).
  - Example Anomalous authentication interval policy attribute:
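To make the check concrete, here is a small detection routine, added here as an illustration and not code from Beyond Identity. It assumes the behaviour described above: authentications are grouped per user, the gap to the previous authentication is compared against a 30-day threshold, strictly greater than 30 days is anomalous, and a user's first authentication (no previous one) is never flagged. The event records are constructed sample data, not real telemetry.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Threshold from the release note: an interval longer than 30 days is anomalous.
ANOMALOUS_INTERVAL = timedelta(days=30)

# Constructed sample events (not real telemetry): (user, ISO-8601 UTC timestamp).
SAMPLE_EVENTS = [
    ("alice", "2024-01-02T09:00:00Z"),
    ("alice", "2024-01-03T09:05:00Z"),
    ("alice", "2024-03-15T10:00:00Z"),  # 72 days after the previous one: anomalous
    ("bob",   "2024-02-01T12:00:00Z"),  # first authentication: nothing to compare
    ("bob",   "2024-02-20T12:00:00Z"),  # 19 days: normal
    ("carol", "2024-01-01T00:00:00Z"),
    ("carol", "2024-01-31T00:00:00Z"),  # exactly 30 days: not > 30, so normal
]


def parse_ts(ts):
    """Parse the constructed timestamp format (UTC, 'Z' suffix)."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def interval_is_anomalous(previous, current, threshold=ANOMALOUS_INTERVAL):
    """True when the gap between two authentications exceeds the threshold.

    A missing previous authentication (first sign-in) is not anomalous: there is
    no interval to measure, so the attribute should not fire.
    """
    if previous is None:
        return False
    return (current - previous) > threshold


def anomalous_intervals(events, threshold=ANOMALOUS_INTERVAL):
    """Return (user, timestamp, days_since_previous) for every anomalous auth.

    Events are grouped per user and sorted, so out-of-order input is handled.
    """
    by_user = defaultdict(list)
    for user, ts in events:
        by_user[user].append(parse_ts(ts))

    flagged = []
    for user, times in by_user.items():
        times.sort()
        previous = None
        for current in times:
            if interval_is_anomalous(previous, current, threshold):
                gap = current - previous
                flagged.append((user, current.strftime("%Y-%m-%dT%H:%M:%SZ"), gap.days))
            previous = current
    return flagged


if __name__ == "__main__":
    for user, ts, days in anomalous_intervals(SAMPLE_EVENTS):
        print(f"{user}: authentication at {ts} is {days} days after the previous one")
```

Whether a flagged interval should deny the authentication or only require step-up is the policy decision you make with this attribute; the routine above only reports which authentications the attribute would match.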
Resolved
- [BIT-1753] We now check the email bounce list, and clear the recipient from it, when an admin sends a new passkey via the ‘Enroll a Passkey’ option.
- [BIT-1791] Device info collection of the CrowdStrike Falcon Agent ID has been improved. Previously, when we failed to obtain the Agent ID, the device was reported as unsupported. From now on, a failure to read the data.zta file records the exact error in the device info and logs to help with further investigation.
- You can now test SIEM integration endpoints without needing to change any values.