Skip to content

Release notes for the August 17, 2025 update

Update Version 4.1.202508151808

New Features

Added Remote Access Module for Zero Trust Connections

The Remote Access module enables secure, zero trust connections to remote devices. It is designed to control and monitor access through agentless session management, including recording, approval workflows, and support for both web and native protocols.

Key Features

  • Zero Trust Session Access
    Establish secure sessions with credential injection for remote devices using supported protocols such as SSH, RDP, VNC, Telnet, SFTP, and SCP.

  • Agentless Connection
    Use a web browser or a native application (e.g., PuTTY, Remote Desktop Client, MobaXTerm, WinSCP) to initiate sessions without deploying agents on the client or destination device.

  • Zero Trust HTTP Sessions
    Access web portals securely using a browser-based driver to communicate directly with the target web server including credentials injections into the login forms.

  • Zero Trust SSH Tunnel Support
    Create SSH tunnels with credentials injection for secure access to databases, network devices, medical equipment, SCADA systems, or process automation devices via a distributed network of relay nodes.

  • Zero Trust SSH Exec Support
    Enable command execution over SSH protocol with credentials injection for job automation and itegration tools (e.g., Ansible) to connect to target endpoints with the option to record the execution event with the command, command output and errors.

  • Multi-Language On-Screen Keyboard
    Available during web sessions for enhanced accessibility.

  • Flexible Credential Injection
    Inject session credentials into the protocol stream on the server side from the main asset, a related member or shadow asset, or by bypassing the currently logged-in user's credentials without exposing them to the user or transferring credentials to the client device.

  • Session Recording
    Record sessions as video streams for instant playback or export to standard formats (AVI, MOV, MP4).

  • Session Event Permissions
    Granular permissions for the session activity such as keyboard input, file transfers, and clipboard transfers to and from the asset endpoint granted to users or groups.

  • Session Event Tracking Capture and log events such as keyboard input, file transfers, and clipboard activity between client and endpoint including capturing content of transferred files, clipboard or executed commands.

  • Multi-Factor Authentication (MFA) Require MFA confirmation before establishing sessions.

  • Granular Access Permissions
    Assign session access rights to specific users or groups for individual assets or asset groups.

  • Approval Workflows
    Support multi-step or automatic access request approval processes.

  • Remote Gateway Peer Nodes
    Enable access to assets in isolated data centers or virtual private networks reachable only via peer nodes.

  • SSH Shell Interface
    Navigate the asset vault container structure using terminal interface and initiate connections directly to selected assets following single authentication process.

  • Comprehensive Session Reporting
    Generate detailed reports on session times, users, assets, protocols, events, transferred files, clipboard content, and executed commands.

  • Native Integration with the Credentials Vault
    Includes support for authentication methods, permissions, workflows, multi-tenancy, hierarchical site and container structures, asset sharing, search, tagging, import, SSO authentication, REST API, and reporting.

Security

  • Updated application client side WEB framework to the latest version.

  • Updated MariaDB driver to the latest version.

Extensions

  • Added a warning message to the login screen of the base tenant that only master administrators can login here.

  • Added tenant name to the login screen to identify the destination tenant.

  • Added support for protected private keys in ssh.com packaging.

  • Added support to execute scripts on the devices with private keys protected with weak passwords.

Fixes

  • Fixed the issue with script execution using SSH connection based on the private key without the password.

  • Reduced the size of the error reporting about re-authentication when switching windows context on the GUI.

  • Fixed the issue with executing asset jobs after the license expiration.

  • Fixed the issue with using protected private key to execute jobs.