Skip to content

Release Notes

RSS logo Subscribe to our RSS

Release notes for the November 30, 2025 update

Update Version 4.1.202511282153

New Features

Added connection support to multi-node RDS Farm from native RDP clients.

The option allows to establish RDP Proxy Sessions from native desktop or mobile RDP clients to multi-node RDS Farm through the Connection Broker (load balancer).

To support this option, reused initially hidden RDS Load Balancer Info field to support RDP Sessions connecting to multi-node RDS Farms.

Use the value tsv://MS Terminal Services Plugin.1.RDSFarm for Microsoft connection broker.

Added the option to download RDP file from the asset view screen.

The option simplifies connection to remote Windows endpoints from native desktop and mobile RDP clients by preparing RDP configuration ready to establish privileged session through the application RDP proxy. Downloaded RDP file includes correctly filled parameters for host and user connection strings.

The option is only available for the assets accessible by RDP protocol.

Security

  • Updated application client side WEB framework to the latest minor version.

  • Updated database access component to the latest version.

  • Updated REST API documentation component to the latest version.

  • Updated application server side run time framework to the latest version.

  • Updated version and bill of materials maintenance component to the latest version.

Fixes

  • Fixed the spelling issue with the asset version context help.

  • Added WEB application icons wrapper binaries in preparation for the WEB Framework upgrade to new major version.

  • Updated WEB application style sheets to comply with Dart SASS 3.0 specification in preparation for the WEB Framework upgrade to new major version.

  • Converted legacy control flow statements in WEB application templates.

  • Fixed the issue with the number of parameters in the screen resize function.

  • Fixed the performance issue with WEB Application screen rendering that depend on permissions.

  • Migrated to signal based processing to optimize WEB GUI performance in home page dashboard, WEB application background, asset navigation, search, asset view, AWS configuration, profile and horizontal sidebar components.

  • Added debug level log about parsing authentication information passed by native SSH and RDP clients to troubleshoot communication protocol.

Release notes for the November 23, 2025 update

Update Version 4.1.202511211756

New Features

Added Search Center to the asset list screen.

Search center improves search experience to allow user to find right assets faster. Specifically, the update includes the following options:

  • Added support for multi-parameter search to refine search criteria with additional conditions including text or taxonomy based tags search.

  • Added support to save queries for future execution.

  • Added support to select search criteria from the list of saved queries to initiate search.

Added support for WEB Kubernetes sessions.

WEB Kubernetes sessions provide access to a container in the Kubernetes server namespace and pod hierarchy using Kubernetes server authentication.

Kubernetes sessions allow to reuse shared credentials to access several containers using mirror and member assets.

The update adds an Asset Type Kubernetes to support WEB Kubernetes sessions.

Added Quick Access option for each connectable asset in the list.

The Quick Access button launches a session with last used or default launch parameters, prompts for the access request, navigates to the request status or opens the launcher in case MFA is required depending on the access configuration and workflow state for the selected asset.

Added the WEB Session connection option to multi-node RDS Farm.

The option allows to establish WEB Sessions to multi-node RDS Farm through the Connection Broker (load balancer).

To support this option, added initially hidden RDS Load Balancer Info field to support WEB RDP Sessions connecting to multi-node RDS Farms.

Use the value tsv://MS Terminal Services Plugin.1.RDSFarm for Microsoft connection broker.

Extensions

  • Added a progress indicator when launching a WEB session.

  • Added a progress indicator during loading a session playback when playing session recording.

  • Added support for establishing connections to RDS Servers using native desktop or mobile RDP clients.

Security

  • Updated database access component to the latest version.

  • Updated data utility component to the latest version.

  • Updated WEB application build framework to the latest version.

  • Updates client side WEB application programming language to the latest version.

  • Removed obsolete, added optional dependencies to the WEB Application, updated font definitions, and unified keyboard event handlers in preparation for the WEB Framework upgrade to new major version.

Fixes

  • Fixed the issue with availability of Join Session option for active RDP and SSH Proxy sessions.

  • Fixed the issue with account field not displaying domain for the sessions created with native desktop or mobile RDP clients in the sessions report.

Release notes for the November 16, 2025 update

Update Version 4.1.202511141956

Extensions

  • Added support for continuous session recording and session events collection after reconnect happening during privileged sessions established using native desktop or mobile RDP clients.

  • Added support to display sessions playback errors.

  • Added support to display error message in addition to the error code for WEB Sessions and for the playback errors.

  • Added the option to connect directly to the sub-site in the application command line interface.

  • Added support for connection throttling and blocking based on failed login attempts for sessions established using native desktop or mobile RDP or SSH clients to protect against automated password brute forcing bots.

  • Added initially hidden Trust Certificate checkbox field to the WEB Portal asset type to enable WEB HTTP Sessions to the portals with invalid, expired, mismatched or self-signed certificates.

  • Added WEB Portal asset type to the list of enabled asset types in new tenants.

  • Added support to record and playback mouse cursor in WEB HTTP Sessions.

Security

  • Updated application client side WEB framework to the latest version.

  • Updated application WEB container to the latest version.

Fixes

  • Fixed the issue with reporting correct gateway information for the sessions established using native desktop or mobile RDP clients.

  • Fixed the issue with reporting correct gateway information for the sessions established using native desktop or mobile SSH clients.

  • Fixed the issue with the site terminology in the application command line interface command completions.

  • Fixed the issue with assigning access profiles in sub-sites.

  • Fixed the issue with displaying a user defined report that returns no data.

  • Fixed the issue with error reporting when SSH proxy could not find asset in sub-site during connection.

  • Fixed the issue with timing out idle WEB HTTP Sessions.

  • Fixed the issue with join session available for active the WEB HTTP sessions.

Release notes for the November 9, 2025 update

Update Version 4.1.202511071506

New Features

Added support for User Defined Reports.

User Defined Reports option allows site administrators to build SQL based reports pulling data from the tenant database. Site Administrators and Site Auditors can browse and execute reports using Reports / User Defined list of build reports.

User defined report could be filtered (if report allows this), sorted by columns, paginated and exported to PDF or CSV format.

User defined reports creators should use script with the role Report and type SQL to create new reports in cross-platform Hibernate Query Language (HQL) using Entities described in the schema section of REST API Documentation.

The application includes several out of the box user defined reports as an example.

Added Intelligent MFA option to reduce number of MFA prompts.

When enabled, Intelligent MFA does not prompt for MFA for logins that match previous user behavior. MFA is enforced again when the user access falls outside of the established pattern such as logging from different location or different device, logging in after work hours, on the weekend or when MFA was not enforced for a long time, or when there are too many logins.

Intelligent MFA supports accessing the application using WEB, SSH or RDP interfaces.

Extensions

  • Added login and logout events for the sessions established using native SSH and RDP desktop or mobile clients.

  • Added MFA type used and interface (WEB, SSH or RDP) information to the event log message about user login.

Security

  • Updated application client side WEB framework to the latest version.

  • Updated database access component to the latest version.

  • Updated unit test component to the latest version.

  • Updated REST API client and server components to the latest version.

Fixes

  • Fixed the issue with the Duo Security and Entra ID MFA wording for the sessions established by native desktop or mobile RDP clients.

  • Fixed the issue with the language translations of the messages displayed for the sessions established by native desktop or mobile RDP clients.

  • Fixed the issue with the application font used in the messages displayed for the sessions established by native desktop or mobile RDP clients.

  • Fixed the issue with forced logging out from the application when accessing function with expired permission displaying the error message instead.

  • Fixed the issue with short days of the weeks labels in Russian translation.

  • Fixed the issue with populating credentials fields on some sites using WEB HTTP Sessions.

  • Fixed the issue with exporting video recording with metadata in US English locale.

  • Fixed the issue with detecting a client IP address when accessing the application using WEB, SSH or RDP interfaces.

  • Fixed the issue with creating default gateway and out of the box access profiles when initializing new tenant.

  • Fixed the issue with long installation times on both Linux and Windows platforms.

  • Fixed the issue with uninstalling the deployment on Linux platform.

  • Fixed the issue with the HTTP channel name to align it with the names of the other channels.

Release notes for the November 2, 2025 update

Update Version 4.1.202510311431

New Features

Added support to prompt for MFA when connecting to Windows servers using desktop or mobile RDP clients.

The new feature allows the access broker to interrupt the network traffic to perform interactive authentication step before resuming the session with the remote Windows server. Users interact with the access broker to provide second authentication factor within the RDP client streaming prior to switching the stream to the destination endpoint.

Besides native RDP client there are no agents or WEB Browser required to run on both client and server devices.

The access broker supports the following MFA providers:

  • Entra ID push with number matching
  • Entra ID OTP
  • Google or Microsoft Authenticator TOTP
  • Yubikey HOTP
  • RADIUS compatible providers such as RSA/SecureID
  • Cisco Duo Security push or OTP
  • OTP delivered through email

Extensions

  • Added weekly Sessions Summary widget to the application home screen.

  • Added the option to verify trust with the Duo Security server endpoint.

  • Added remote application for MS SQL Server Studio.

  • Added number matching MFA enforcement for Entra ID users logging in directly to the WEB application.

  • Added the option to configure workflow parameters such as weekends, holidays and working hours using Workflow Forms / Configuration screen.

  • Added the option to test Peer node proxy connection.

  • Added Weekly Sessions count to the top bars statistics on the home screen dashboard.

Security

  • Updated application client side WEB framework to the latest version.

  • Updated application builder component to the latest version.

  • Updated database access component to the latest version.

  • Updated scheduler component to the latest version.

  • Updated Oracle RDBMS driver to the latest version.

  • Updated MySQL driver to the latest version.

  • Updated server side REST API documentation component to the latest version.

  • Updated data conversion component to the latest version.

Fixes

  • Fixed the issue with duplicating search results in the list of users when selecting local users.

  • Fixed the issue with displaying peer node proxy token on the Peer Node editing screen.

  • Fixed the issue with ambiguous name of the Proxy Token field on the peer node editing screen.

  • Fixed the issue with disabling Login button on the WEB application login form during authentication process.

  • Fixed the issue with event columns label in the event report for archive, backup and password requirements messages.

  • Fixed the issue with displaying weekly login statistics on the home page.

  • Fixed the issue with supporting wildcard certificates when establishing trusts with the external servers.

  • Fixed the issue with Entra Id MFA on the WEB session launcher screen to use Transit Credentials when the password is not specified.

  • Fixed the issue with displaying the warning when navigating out of Grant Permissions screen after the user is selected.

Release notes for the October 26, 2025 update

Update Version 4.1.202510242138

Extensions

Improved the option to transfer files in the WEB Sessions.

  • Added an indicator to a session control box displaying a progress of file upload in a WEB session. The progress indicator as well as the file upload happens in the background allowing a user to continue interacting with the session. The progress indicator supports displaying or multiple uploaded files. File Download progress is monitored by the native browser download facility.

  • Added support for large files upload using drag and drop mechanism to the WEB Session screen as oppose to using in-session File Manager.

  • Added support for large files download using native WEB Session tools such as Linux utility or Windows shared drive Downloads folder as oppose to using in-session File Manager.

Added session and session events metadata to the exported video recording.

  • Added the option to embed session metadata (including asset, user and session start and completion times) at the beginning of the exported video recording.

  • Added the option to embed session events at the event time location (including event type such as keyboard or file upload, and event preview) to the exported video recording.

Improved multi-language and multi-region support

  • Added support to export reports to PDF and CSV formats using the language selected by user in the WEB GUI.

  • Fixed the issue with the exported reports font to match the application font.

  • Fixed the issue with rendering Cyrillic and Japanese GUI and exported reports using the application font.

  • Fixed the issue with rendering dates in the exported reports and video recordings in the format of the selected user language.

Security

  • Updated application client side WEB framework to the latest version.

  • Updated internal scripting language component to the latest version.

Fixes

  • Fixed the issue with searching local users by their last names.

  • Fixed the issue with enabling Save buttons on the Access Profile asset association screen when selecting a user or modifying the access profile selection.

  • Fixed the issue with blanket information messages in the application log file about terminating IP resolution pool.

  • Added URL information in the error message in the application log file about authentication failures.

  • Fixed the issue with the WEB application does not auto-logout after inactivity timeout happening during host computer hibernation.

Release notes for the October 19, 2025 update

Update Version 4.1.202510172141

Security

  • Updated application client side WEB framework to the latest version.

  • Updated application WEB Container to the latest version.

  • Updated MS SQL Server Driver to the latest version.

  • Updated REST API Documentation component to the latest version.

  • Updated context help management component to the latest version.

  • Updated database access component to the latest version.

  • Updated high-performance networking component to the latest version.

  • Updated PDF toolkit component to the latest version.

Extensions

  • Added a help button with a link to a documentation page on every screen of the WEB application next to the screen title.

  • Added duplicate Save and Cancel buttons at the bottom of each editing screen in the WEB application.

  • Added color indication for the password strength meter.

  • Added the option to search users by first and last name in addition to login when selecting users.

  • Added User Search property to LDAP configuration to support query selecting users by complex search criteria including first and last names.

  • Added Test Connection, Connect and Auto-populate and Verify Trust buttons after definition of parameters that are enough to connect on the LDAP editing form to emphasize the value of auto-population of configuration parameters.

Fixes

  • Fixed the issue with session event preview displayed in the site events report.

  • Fixed the issue with the unlock safe link button on the safe link editing screen sometimes generates an error.

  • Fixed the issue with Safe Link option available for the master users on the asset view screen.

  • Fixed the color of warning messages to more prominent orange.

Release notes for the October 12, 2025 update

Update Version 4.1.202510101641

New Features

Added support to mask passwords captured as keyboard session events.

The option improves security of Session Events report as well as sessions video recording playback in the situations when a user types passwords to 3rd party systems captured by the session event recording.

Safe link option allows to quickly share secret information with unauthenticated users using messaging applications in a secure way instead of sending sensitive information directly.

Safe links protect sensitive information from being pre-loaded by the messaging applications but require human interaction to access instead. Unique safe links expiration is based on time or number of views. Safe links management and access is audited. Sharing sensitive asset data using safe links could optionally require multi-level approval process.

Added the option to pin assets and containers for quick access.

The option improves asset database navigation by allowing users to select frequently used assets to view them in the designated Pinned Assets area.

Security

  • Updated application client side WEB framework to the latest version.

  • Updated application WEB Container to the latest version.

  • Updated database access component to the latest version.

  • Updated build time project consistency checker to the latest version.

Extensions

  • Added the explicit logic of modifying secret fields on the asset editing screen for clear state designation to preserve the existing value, to edit and to clear the field.

  • Added support for TOTP MFA tokens bypassed to the remote applications.

  • Added remote application for AWS WEB Console using two authentication factors.

  • Added support to display authentication or authorization errors on the login screen in case of failed login.

Fixes

  • Fixed the issue with PuTTY remote app typing the password in the previously opened application.

  • Fixed the issue with bypassing custom asset fields to the remote application.

  • Fixed the issue with missing context help for RDP and HTTP Proxy configuration pages.

Release notes for the October 5, 2025 update

Update Version 4.1.202510031538

New Features

Added the option to filter and control commands executed in active sessions.

The option allows precise control over which shell or terminal commands are permitted or denied during a secure remote session. In addition, the option ensures that only trusted binaries from approved directories are executed.

Added the option to join active sessions.

The option allows asset managers to join active sessions in Monitoring (read only) or Participation (active) mode.

The shared sessions are useful in the multiple network administration scenarios:

  • To review and control the session real time.
  • To allow training or demonstrations.
  • To enable live session intervention capabilities during active security incidents
  • To facilitate immediate threat containment without waiting for session completion

Security

  • Updated application client side WEB framework to the latest version.

  • Updated REST API Documentation component to the latest version.

  • Updated HTTP Communication component to the latest version.

  • Updated database access component to the latest version.

  • Updated WEB frontend builder component to the latest version.

  • Updated build time testing component to the latest version.

  • Updated Windows system tools component to the latest version.

Extensions

  • Added domain users and groups management MMC snippet remote application driver to enable zero trust management of domain administration.

  • Added account management support including credentials rotation and verification for database servers: Oracle RDBMS, MS SQL Server, IBM Informix DB, MySQL, MariaDB and PostgreSQL.

  • Added the option to manage and execute SQL scripts on the database servers.

Fixes

  • Improved event log message readability to display event parameters separated by comma.

  • Switched bootstrap logger configuration to information level.

Release notes for the September 28, 2025 update

Update Version 4.1.202509261730

New Features

Added session events references to the session recording player.

Displaying session events such as user keystrokes, clipboard or file transfers allows the viewer to evaluate the context of the video recording, to quickly scroll the playback on the important timeline position or to review the session activities while watching the recording.

Added the option to launch desktop applications in Zero Trust session on the RDS jump host.

The option enables development of Zero Trust Access with full session recording capabilities for a wide range of desktop applications ("fat clients") published via Remote Desktop Services (RDS) as Remote Applications.

The option is applicable to multiple use cases such as:

  • Database development.
  • Data analysis.
  • System administration.
  • Shared Web portal access.
  • Digital marketing.

Security

  • Updated application client side WEB framework to the latest version.

  • Updated application build component to the latest version.

  • Updated bill of materials management component to the latest version.

  • Updated HTTP client component to the latest version.

  • Updated logging component to the latest version.

  • Updated encryption utility component to the latest version.

  • Updated operating system interface component to the latest version.

  • Updated mail implementation component to the latest version.

  • Updated XML runtime component to the latest version.

  • Updated common utility component to the latest version.

Extensions

  • Added the option to interactively update transit credentials for SSO logins.

  • Added reporting of Enter key in the keyboard session events.

  • Added the option to search session events by event preview.

  • Added the option to filter session events by clipboard upload or download events at the same time.

  • Added the option to filter session events by file listing, upload or download events at the same time.

  • Added the option to open a session player from the sessions event report and jump to the event position in the report.

  • Added IBM PC5250 terminal remote application driver to enable zero trust connections to IBM i servers.

  • Added Mocha TN5250 terminal remote application driver to enable zero trust connections to IBM i servers.

  • Added Microsoft Remote Desktop Client (mstsc) remote application driver to enable zero trust connections to Windows Hosts through RDS jump server.

  • Added PuTTY remote application driver to enable zero trust connections to Unix Hosts through RDS jump server.

  • Added account management support for network devices: Cisco, Cisco Nexus, Brokade, F5 BIG-IP, Fortigate, Juniper, NetApp, Netscaler, Palo Alto.

Fixes

  • Fixed the issue with the keyboard shortcut help on the session player to focus on important options.

  • Fixed the issue with the font color of the read only properties on the Profile / Account screen.

  • Fixed the issue with empty credentials type selection on the gateway launcher screen in the situation when the previous launch made for the selection that is not present for the current asset.

  • Fixed the issue with accessing Entra ID group members on the Access report.

  • Fixed the issue with the blanket error message when disconnecting from some sessions.