Skip to content

2026

Release notes for the March, 1 2026 update

Update Version 4.1.202602271557

New Features

Added the option to detect and log process launches within RDP sessions.

The new process monitoring option detects applications launched within RDP sessions established through the proprietary Web client as well as native desktop and mobile clients.

For each detected process, detailed metadata is captured as a session event, including process name, executable path, launch parameters, window title, and the user context if executed under a different account.

Process events are available in the Session Events report and are also synchronized with the session video player, allowing direct navigation to the exact point in the recording where the process was started.

This capability enables auditors and system owners to review graphical RDP sessions more efficiently using structured transcripts and AI-powered analysis, while providing fast video navigation for monitoring, investigation, or training purposes.

Extensions

  • Added auto-tagging support for the process of Discovery and Import privileged accounts from Windows devices.

  • Added the option to search session events by the event object (file name, etc).

  • Added documentation for database objects that could be used in the Used Defined reports.

Security

  • Updated application WEB framework to the latest version.

  • Updated dashboard chart component to the latest version.

  • Updated REST API data biding component to the latest version.

  • Updated database access component to the latest version.

  • Updated database pool component to the latest version.

  • Updated Code Editor language component to the latest version.

  • Updated WEB Icons component to the latest version.

  • Updated client side package manager to the latest version.

  • Updated string management component to the latest version.

  • Updated PDF tables generation component to the latest version.

  • Updated SSL / TLS strategy during communications with integrated applications to the latest version.

  • Updated CSV parsing procedure used in CSV, Windows, Kubernetes import as well as SQL Driver to the latest version.

  • Updated CSV generation procedure used in report export to the latest version.

  • Updated the data binder mapper construction to the latest version.

  • Updated namespace utilization in the SAML parsing to the latest version.

Fixes

  • Fixed the issue with extra space appearing in long previews in the Session Events report.

  • Fixed the issue with session events details panel for the events close to the end of the recording to fit to the screen.

  • Fixed the issue with WEB RDP Session recording for RDP sessions with certain mouse activities.

  • Fixed the issue with Events dropdown in the session player displaying line breaks in the event preview.

  • Fixed the issue with too narrow events dropdown in the session player.

  • Fixed the issue with distorted asset icons for some of the assets with long names.

  • Fixed the issue with distorted asset icons for the asset types with long names.

  • Fixed the issue with disabling the Register button when clicked on the initial registration screen.

  • Fixed the internationalization issue with error messages produced by WEB HTTP sessions.

  • Fixed the issue with the blanket message about file storage for video recordings detection for the configurations without custom file storage configured.

  • Fixed an issue causing a generic error log message related to saving session transcripts for non-SSH sessions.

  • Fixed the error message about saving session transcripts.

Release notes for the February, 22 2026 update

Update Version 4.1.202602201334

New Features

Added the option to review text transcript of SSH sessions.

The option allows to download a complete input and output text transcript of SSH sessions established through both WEB client or native desktop or mobile clients.

In addition to full session video recording and session events logs, text transcripts support forensic investigations by providing searchable and reportable evidence, helping detect sensitive data access, privilege misuse, and insider threats, while also simplifying operational troubleshooting.

Added instant query option to the Ask AI dialogue.

The option allows to quickly query Cloud AI (such as OpenAI or Azure OpenAI) about the results visible on the Events, Session Events, Sessions and Jobs reports as an alternative of using preconfigured prompts.

Extensions

  • Added support to display session events on the session player timeline and in the list of session events with the options to navigate between the events for the sessions established through the native desktop or mobile SSH clients.

  • Optimized resource utilization during video playback of sessions established through native desktop or mobile RDP clients.

Security

  • Updated application WEB framework to the latest version.

  • Updated REST API documentation controller to the latest version.

  • Updated server side application test framework to the latest versions.

  • Updated SSH session transcript player to the latest version.

  • Updated client side markdown processing component to the latest version.

  • Updated Code Editor view component to the latest version.

Fixes

  • Fixed the issue with creating session objects for the sessions established through native desktop or mobile RDP clients.

  • Fixed the issue with missing filter by Created date on the list of Cloud AI Insights.

  • Fixed the issue with selecting dates using date picker.

  • Fixed the issue with moving the Ask AI dialogue on the screen.

  • Fixed the issue with displaying or navigating through session events that contain too long or too short words.

  • Fixed the issue with displaying the event on the session event report that contains long string without white spaces.

  • Fixed the issue with maintaining heartbeat time for the sessions established using native desktop or mobile RDP client.

  • Added initially hidden out of the box Process Monitoring field to the Windows Host asset type to support upcoming option to record session events about started processes on the Windows endpoints.

  • Fixed the issue with password masking applied for Keyboard input events only.

Release notes for the February, 15 2026 update

Update Version 4.1.202602130935

New Features

Extended privileged control and monitoring for the sessions established using native desktop or mobile SSH clients.

  • Text Transcript: Added the option to download a complete input and output text transcript of SSH sessions established using native clients. In addition to full session video recording, text transcripts support forensic investigations by providing searchable and reportable evidence, helping detect sensitive data access, privilege misuse, and insider threats, while also simplifying operational troubleshooting.

  • Session Events: Added the option to record keyboard events in the SSH Sessions established using native clients.

  • Session Events: Added the option to record Bracketed-paste events in the SSH Sessions established using native clients.

  • SSH Exec: Added support for Command Filters in SSH exec sessions established using native SSH clients. In addition to regular filtering of remotely executed commands, this option allows selected commands — but not all — to be executed with elevated privileges from within a non-privileged session on the same device.

Added the option to request a password reset for local directory users

This option allows system owners to flag a user account in the local directory to require a password reset at the next login to the application WEB Console.

It is particularly useful when onboarding new users — especially external, temporary, vendor, or contractor accounts — helping regulated organizations enforce secure first-login credential policies. It can also be applied following a security incident to require privileged users to immediately renew their passwords and reduce the risk of compromised credentials remaining in use.

Added automated privileged initialization for SSH Sessions

This option allows system owners to schedule execution of a predefined command — including securely supplying a password — before releasing session control to the user.

It is useful for elevating privileges on network devices that require non-standard escalation commands. It can also automatically launch database clients with privileged connections pre-established, mount sensitive resources required for the session, or perform preparatory configuration to ensure the session starts with the appropriate level of privileged access.

Added the option to run scripts on a group of assets

This option enables bulk execution of a selected script across all assets of a chosen type within a specified container.

Group execution is useful in scenarios such as resetting passwords on RHEL servers hosted in AWS following a security incident, or rotating administrator passwords on Windows Server 2016 Domain Controllers after a vulnerability has been identified and remediated to ensure previously exposed credentials are no longer valid.

Extensions

  • Added the option to store session video recordings and file transfers in the location outside of the application deployment folder.

  • Added the option to reset password for the asset using user provided password instead of generated one. The password provided by the operator should comply with the password requirements configured for the asset.

  • Added the option to search assets by asset type including support to save queries with asset type condition.

  • Added support to prompt approver for a comment when approving action requests.

  • Added the option to export Event, Session, Session Event and Jobs reports to text format.

Security

  • Updated WEB application framework to the latest version.

  • Updated database access component to the latest version.

  • Updated Code Editor view and command components to the latest version.

  • Updated HTTP transport component to the latest version.

  • Updated Markdown rendering component to the latest version.

  • Updated PostgreSQL driver to the latest version.

Fixes

  • Fixed the issue with the documentation link on the Access Wall configuration page.

  • Fixed the issue with search center label translations when refreshing the asset list screen using browser refresh.

  • Improved visibility of read only information fields on the approve and reject dialogues.

  • Fixed the issue with displaying Japanese characters in WEB SSH sessions.

  • Fixed the issue with Job Pool and Job Runner labels on the Peer Node Configuration and Tunnel Configuration screens.

  • Extended the selection list of the out of the box Network Appliance Enable Level field to include 15 levels. The fix is applied for the new tenants. In the existing tenants the selection in the Enable Level choice field should be updated using the application GUI.

  • Extended the maximum limit to open a Safe Link to 12.

  • Extended system logging to troubleshoot WEB HTTP Sessions component interactions.

Release notes for the February, 8 2026 update

Update Version 4.1.202602061610

New Features

Added the option to Discover and Import Kubernetes containers.

This option automatically discovers namespaces, pods, and containers within Kubernetes deployments and can optionally import them into the Credential Vault. It supports both discovery-only and discovery-and-import modes, enabling organizations to identify and manage containers running across Kubernetes environments.

Discovery and import processes can be scheduled to run periodically, ensuring the Vault stays up to date as new pods and containers are created.

To reflect the hierarchical structure of Kubernetes and simplify navigation and search, the import process maps Kubernetes namespaces and pods to Credential Vault folders, creating individual containers as assets within their corresponding namespace and pod.

Imported assets automatically inherit discovery access and authentication for immediate privileged access.

The import process applies Intelligent Tagging rules to imported assets, enabling easier search, streamlined asset management, and consistent application of system policies.

Extensions

  • Added out of the box asset type Network Appliance to encapsulate privileged access elevation using enable mode as well as password reset and verification for network devices such as Cisco, Cisco Nexus, Palo Alto, Juniper, Brocade, NetApp, F5 BIG-IP, Fortigate, Netscaler, etc.

  • Added human readable explanation for the LDAP error codes.

  • Added support for elevating permissions of the sessions established using native desktop or mobile SSH clients.

  • Added WEB HTTP sessions error feedback to the WEB session screen.

  • Enhanced visibility into quick-launch session access denials by displaying the reason for denial.

  • Added the option to apply Intelligent Tagging rules based on the asset name.

  • Added the option to apply Intelligent Tagging rules based on the Kubernetes import source.

Security

  • Updated WEB application framework to the latest version.

  • Updated IP Address utility component to the latest version.

  • Updated server side REST API component to the latest version.

  • Updated database access component to the latest version.

  • Updated server side build component to the latest version.

  • Updated WEB application build component to the latest version.

  • Updated Code Editor View component to the latest version.

  • Updated XSS protection dependency component to the latest version.

  • Updated client side patterns expansion dependency component to the latest version.

  • Updated network streaming component to the latest version.

  • Updated Oracle RDBMS driver to the latest version.

  • Updated XML Binding API component to the latest version.

Fixes

  • Fixed the issue with removing an asset from the policy by changing asset or policy tags should remove firewall rules on the asset endpoint generated by the policies previously assigned to this asset.

  • Fixed automatic logout caused by inactivity timeout while editing unsaved forms.

  • Fixed the issue with duplicate confirmation dialog when navigating out of unsaved form to the list of objects.

  • Fixed the issue with deleting an asset that has historical sessions.

  • Fixed the issue with session permission elevation mode for Network Appliances (Cisco, Palo Alto, Juniper, NetApp, etc) and IBM i devices.

  • Fixed the issue with automatic execution of commands during establishing SSH session to the remote device.

  • Fixed the issue with saving VMWare integration editing form with malformed URL.

  • Fixed the issue with duplicate creation of Windows Defender Firewall rules for the source IPv6 address with 128 mask.

  • Fixed the issue with initializing Management Server IP List with the IPv6 sub-net with 128 mask when creating new tenants.

  • Fixed the issue with enabling Save button and screen exit protection after selecting a user or a group on the MFA Rule editing screen.

  • Added the protocol information to the system log message about failure to start the session because of unknown protocol.

  • Improved privileged web HTTP session brokering by adding multiple connection attempts to the browser driver.

  • Fixed the issue with site name validation in the Create and Update Site forms to enforce allowed characters.

  • Fixed the issue with creating or editing sites to allow dashes in the site name.

  • Fixed an issue with deleting assets that have directly associated Peer Nodes and Access Profiles.

Release notes for the February, 1 2026 update

Update Version 4.1.202601301626

New Features

Added the option to filter and control commands executed in active SSH sessions established by native clients.

Command filter option allows precise control over which shell or terminal commands are permitted or denied during a secure remote session established by native desktop of mobile client. In addition, the option ensures that only trusted binaries from approved directories are executed.

The option extends previously available Command filter support for WEB SSH Sessions to the sessions established by native desktop of mobile clients.

Command filter option for native desktop or mobile clients supports two command shell options:

  • Native Shell proxies original OS shell environment monitoring traffic to restrict operations.

  • Application Shell further restricts administrator actions on the remote device by locking the user in the artificial proxy shell bypassing allowed processed commands.

Both shell options support fundamental PAM functionality such as credential injection, session recording and playback, session events recording, RBAC, access request approvals, etc.

Added Access Wall option to restrict direct access to asset endpoints.

Access Wall enforces PAM-only access for Unix SSH and Windows RDP/PowerShell endpoints, preventing bypassing PAM controls and preventing lateral movement across the network.

Extensions

  • Added the option to select Access port type in the network service configuration to use the SSH, RDP or WinRM port number as defined in the asset configuration. The option allows to reuse asset port numbers for access, account management and endpoint isolation purposes.

  • Added [Component :: Server :: Unix] and [Application :: Access Wall] terms to the out of the box LECA Segmentation taxonomy to support Access Wall functionality.

  • Added support to Azul distribution of the server side run time framework.

  • Added secret Token field to Kubernetes asset type to support upcoming discovery and account management operations.

Security

  • Updated server side run time framework to the major version 25 LTS.

  • Updated application security provider to the latest version.

  • Updated WEB application framework to the latest version.

  • Updated server side REST API component to the latest version.

  • Updated Application WEB Container to the latest version.

  • Updated database access component to the latest version.

  • Updated SSH connection component to the latest version.

  • Updated MySQL driver to the latest version.

Fixes

  • Fixed the issue with the license activation screen remains in the modified state after license activated.

  • Fixed the issue with the application dashboard displaying statistic charts for the editions that do not include Microsegmentation module.

  • Fixed the issue with segmentation policy Preview option available in Microsegmentation only editions on Asset List, Edit and View screens.

  • Fixed the issue with creating new Choice fields and defining the its options at the same time.

  • Fixed the issue with the control box size on the session player screen.

  • Fixed the issue with displaying long metadata lists when expanding asset item details on the list of items across the application screens such as asset or asset type lists.

  • Fixed the issue with out of the box special characters list for tenants created in non-English languages.

Release notes for the January, 25 2026 update

Update Version 4.1.202601221355

New Features

Added support for capturing file content transferred through RDP drive redirection in native client sessions.

The option extends previously existing functionality to capture file content transferred using copy and paste mechanism to the files transferred through the drive redirection in native sessions established using desktop or mobile RDP clients.

The option mirrors file capture functions for the files transferred during WEB Sessions established using application WEB client.

The file content transferred through the drive redirection, copy paste or WEB Session file transfer options is available to download using the session events report for the users with appropriate permissions.

Extensions

  • Migrated application WEB Console to standalone architecture to optimize WEB Console performance and maintainability.

  • Migrated application WEB Console to native browser CSS animations to optimize performance of dynamic WEB content.

Security

  • Updated WEB application framework to the latest version.

  • Updated REST API data management component to the latest version.

  • Updated application inventory management component to the latest version.

  • Updated server side REST API documentation component to the latest version.

  • Updated internal scripting component to the latest version.

  • Updated client side language translation component to the latest version.

  • Updated client side IP address validation component to the latest version.

  • Updated SSH Proxy sessions player component to the latest version.

  • Updated dashboard charts component to the latest version.

  • Updated script editor and script viewer component to the latest version.

  • Removed unused unreferenced components and pages from the WEB Console.

Fixes

  • Fixed the issue with duplicate columns in network collection database tables.

  • Fixed the issue with creating out of the box AI Prompts in the new tenants.

  • Fixed the issue with missing translation of labels on the page and on the page title after page refresh.

Release notes for the January, 18 2026 update

Update Version 4.1.202601161949

New Features

Added AI-Powered Analysis and Insights option to Jobs and Connections reports.

AI-Powered Analysis and Insights option is now available in the form of [Ask AI] button for the following reports respecting selected filters and sort options:

  • System and asset level Jobs report for deep insight into automation activities such as patterns of password reset on remote endpoints, endpoints uptime status, account, SSH keys or firewall management operations.

  • System and asset level Connections report to analyze endpoint communications with other devices in the network, discover time and source patterns, deviations and unexpected channels.

Added the option to display graphics in AI-powered analytics.

The option improves visibility of AI-Powered Insights to further simplify analysis of complex data collected by the privileges access management activities.

Added AI-Powered Analytics integration with Microsoft Azure Cloud AI provider.

Integration allows to leverage Microsoft Azure subscription for AI-Powered Analytics and Insight feature as an alternative or as an addition to already existing integration with OpenAI API.

Extensions

  • Added per-device and per-user license support when connecting to remote Windows endpoints using native desktop or mobile clients.

  • Enabled Vault, Privileged Access Management and Privileged Account Management modules for the non-activated tenants.

Security

  • Updated WEB application framework to the latest version.

  • Updated server side markdown processor to the latest version.

  • Updated the client side PDF management component to the latest version.

  • Updated database access component to the latest version.

  • Updated PostgreSQL driver to the latest version.

  • Updated client side build environment to the latest version.

Fixes

  • Fixed the issue with the error message about missing parameters when managing AI Prompts.

  • Fixed the issue with triggering policy application when saving major version of the asset in the tenants without Microsegementaiton license.

  • Fixed the issue with file name and title of the export of the user defined reports.

  • Fixed the issue of vertically splitting lines on the border of pages when exporting AI queries to PDF file.

  • Fixed the issue with exported AI query file name uniqueness by including current time stamp to the file name.

  • Fixed the issue with top level AI menu item appears in the base tenants.

  • Fixed the issue with saving RDP and HTTP proxy configuration.

  • Optimized WEB Console performance by removing unnecessary dependencies.

  • Fixed WEB Console compliance with the latest style sheet standards.

  • Migrated components of the Integration, Dashboard, Configuration, Management components to standalone architecture.

Release notes for the January, 11 2026 update

Update Version 4.1.202601091814

New Features

Added AI-Powered Analysis and Insights option.

AI-Powered Insights applies artificial intelligence to analyze recorded events and remote sessions data and generate summarized outputs and analytical responses.

By providing AI-driven analysis, 12Port enables Administrators, Auditors, and Reviewers to efficiently interpret system usage and activity, supporting improved security posture and governance. This capability reduces the need for manual review of extensive reports or prolonged video recordings.

The option allows to customize out of the box prompts as well as to create new prompts to query the system events and privileged sessions activities.

AI-Powered Analysis and Insights option is currently available in the form of [Ask AI] button for the following reports respecting selected filters and sort options:

  • System and asset level Events report for deep insight into user login and access approval patterns, changes in configuration and policies as well as the assets management.

  • System and asset level Sessions report for general remote access analysis, threat detection or user access patterns.

  • System and session level Session Events report to analyze admin behavior on the remote systems, detect anomalies in remote asset management, data transfers and other activities.

Extensions

  • Relocated Session Intelligence, Analytics and Tagging components to top level AI menu.

  • Added AI Manager site role to manage Cloud AI integrations, AI Prompts, analyze AI Insights, Manage Session Intelligence, Tagging and Analytical Models.

  • Added the option for the client side license activation automation performed through the user browser.

Security

  • Updated WEB application framework to the latest version.

  • Updated server side unit test component to the latest version.

Fixes

  • Fixed the issue with Safe Links REST API documentation.

  • Fixed the issue with displaying Workflow Configuration screen.

  • Fixed the issue with WEB console authentication in the deployments on the hosts with regional language locales.

  • Fixed the issue with switching to English language in the deployments on the hosts with regional language locales.

  • Fixed the issue with incorrect error reporting during deployments on the hosts with regional language locales.

  • Fixed the issue with session event recording for the joined session participant.

  • Fixed the issue with respecting time selector in the workflow configuration.

  • Fixed the issue with hot deployment of the WEB application locking the database.

  • Fixed the issue with the specific error in the exception when reporting failed authentication to Entra ID services.

  • Fixed the issue with the auditor to review Session Intelligence configuration.

  • Fixed the issue with thread leak during the application hot-deployment.

Release notes for the January, 4 2026 update

Update Version 4.1.202601021524

New Features

Added the option to launch desktop applications in Zero Trust session on the RDS jump host using native desktop or mobile RDP clients.

The option enables development of Zero Trust Access with full session recording capabilities and optional MFA enforcement for a wide range of desktop applications ("fat clients") published via Remote Desktop Services (RDS) as Remote Applications accessed by native desktop or mobile RDP clients.

The option injects credentials into the remote application before unblocking user keyboard and mouse controls. The option never releases credentials to the RDS server or to the destination application to the user client.

The option is applicable to multiple use cases such as:

  • Database development.
  • Data analysis.
  • System administration.
  • Shared Web portal access.
  • Digital marketing.

All currently supported remote applications adapted to integrate with Zero Trust sessions established by the native desktop or mobile RDP clients:

  • Active Directory Users and Computers snippet.
  • AWS WEB Console.
  • IBM PC5250 terminal.
  • Mocha TN5250 Terminal.
  • MS SQL Server Studio.
  • PuTTY.
  • Microsoft RDP Client (mstsc).

Zero Trust sessions for remote applications established by the native desktop or mobile RDP clients optionally enforces MFA by interrupting the session at the beginning to interact with the user inside the RDP client to prompt and to confirm the secund authentication factor using various MFA providers such as

  • TOTP using various authenticator apps (Google, Microsoft, etc).
  • TOTP using email of the MFA code.
  • HOTP (Yubikey)
  • Microsoft Entra ID (Office 365) including number matching push.
  • Duo Security
  • RADIUS

Extensions

  • Upgraded the web application to a modern zoneless architecture for faster, more predictable performance.

  • Added the support for Zero Trust WEB sessions launching remote "fat client" applications on the RDS servers to return keyboard and mouse control to the user right after injecting credentials into the destination application without the need to wait for a predefined timeout.

  • Added progress indicator to the Asset Access report during building of the report page.

  • Updated Copyright year in the documentation, application and installers to 2026.

  • Added a progress indicator for the button to unlock the safe link on the safe links list.

  • Updated SMTP object icon on the expanded SMTP integrations list screen to reflect Entra ID or Basic authentication.

  • Added Save button on the bottom of the service request screen.

Security

  • Updated WEB application framework to the latest major version 21.

  • Updated Informix database driver to the latest version.

Fixes

  • Fixed the issue with the tenant label on the exported access profile report.

  • Fixed the issue with the name of the exported Action Request report.

  • Fixed the issue with the availability of the bottom Save button on the inherited asset level password requirements screen.

  • Fixed the issue with initially enabling save button on the peer node selection for the asset.

  • Fixed the issue with generating RDP File to support the option to launch desktop applications in Zero Trust session on the RDS jump host using native desktop or mobile RDP clients.

  • Fixed the issue with client-side license activation.

  • Improved WEB application performance by migrating some components to the standalone architecture.