Skip to content

Release notes for the February, 8 2026 update

Update Version 4.1.202602061610

New Features

Added the option to Discover and Import Kubernetes containers.

This option automatically discovers namespaces, pods, and containers within Kubernetes deployments and can optionally import them into the Credential Vault. It supports both discovery-only and discovery-and-import modes, enabling organizations to identify and manage containers running across Kubernetes environments.

Discovery and import processes can be scheduled to run periodically, ensuring the Vault stays up to date as new pods and containers are created.

To reflect the hierarchical structure of Kubernetes and simplify navigation and search, the import process maps Kubernetes namespaces and pods to Credential Vault folders, creating individual containers as assets within their corresponding namespace and pod.

Imported assets automatically inherit discovery access and authentication for immediate privileged access.

The import process applies Intelligent Tagging rules to imported assets, enabling easier search, streamlined asset management, and consistent application of system policies.

Extensions

  • Added out of the box asset type Network Appliance to encapsulate privileged access elevation using enable mode as well as password reset and verification for network devices such as Cisco, Cisco Nexus, Palo Alto, Juniper, Brocade, NetApp, F5 BIG-IP, Fortigate, Netscaler, etc.

  • Added human readable explanation for the LDAP error codes.

  • Added support for elevating permissions of the sessions established using native desktop or mobile SSH clients.

  • Added WEB HTTP sessions error feedback to the WEB session screen.

  • Enhanced visibility into quick-launch session access denials by displaying the reason for denial.

  • Added the option to apply Intelligent Tagging rules based on the asset name.

  • Added the option to apply Intelligent Tagging rules based on the Kubernetes import source.

Security

  • Updated WEB application framework to the latest version.

  • Updated IP Address utility component to the latest version.

  • Updated server side REST API component to the latest version.

  • Updated database access component to the latest version.

  • Updated server side build component to the latest version.

  • Updated WEB application build component to the latest version.

  • Updated Code Editor View component to the latest version.

  • Updated XSS protection dependency component to the latest version.

  • Updated client side patterns expansion dependency component to the latest version.

  • Updated network streaming component to the latest version.

  • Updated Oracle RDBMS driver to the latest version.

  • Updated XML Binding API component to the latest version.

Fixes

  • Fixed the issue with removing an asset from the policy by changing asset or policy tags should remove firewall rules on the asset endpoint generated by the policies previously assigned to this asset.

  • Fixed automatic logout caused by inactivity timeout while editing unsaved forms.

  • Fixed the issue with duplicate confirmation dialog when navigating out of unsaved form to the list of objects.

  • Fixed the issue with deleting an asset that has historical sessions.

  • Fixed the issue with session permission elevation mode for Network Appliances (Cisco, Palo Alto, Juniper, NetApp, etc) and IBM i devices.

  • Fixed the issue with automatic execution of commands during establishing SSH session to the remote device.

  • Fixed the issue with saving VMWare integration editing form with malformed URL.

  • Fixed the issue with duplicate creation of Windows Defender Firewall rules for the source IPv6 address with 128 mask.

  • Fixed the issue with initializing Management Server IP List with the IPv6 sub-net with 128 mask when creating new tenants.

  • Fixed the issue with enabling Save button and screen exit protection after selecting a user or a group on the MFA Rule editing screen.

  • Added the protocol information to the system log message about failure to start the session because of unknown protocol.

  • Improved privileged web HTTP session brokering by adding multiple connection attempts to the browser driver.

  • Fixed the issue with site name validation in the Create and Update Site forms to enforce allowed characters.

  • Fixed the issue with creating or editing sites to allow dashes in the site name.

  • Fixed an issue with deleting assets that have directly associated Peer Nodes and Access Profiles.