Skip to content

Release Notes

Release notes for the April, 12 2026 update

Update Version 4.1.202604101847

New Features

Added session termination controls for native SSH, RDP and PowerShell client connections

Enhanced control over SSH, RDP and PowerShell-based access with the ability to pause or terminate sessions initiated through native SSH, RDP and PowerShell clients, including interactive SSH, RDP, PowerShell, SSH exec, SFTP, SCP, and SSH tunnels.

Sessions can be automatically terminated based on policy conditions such as expiration, completion of approved actions, or real-time Session Intelligence triggers, enabling immediate response to risky activity and stronger enforcement of Zero Trust controls.

Added session event capture for native PowerShell client connections

Enhanced visibility into PowerShell-based access by capturing commands executed during native client sessions. This enables detailed auditing, event correlation, and real-time Session Intelligence responses, including alerting and session termination.

Added support for musl-based Linux deployments

Extended platform compatibility to include Linux systems using musl-based binaries, enabling deployment across lightweight and minimal environments.

This expands deployment options for PAM in microservices, cloud, containerized, Kubernetes, and AI-driven architectures, including scenarios involving secure credential sharing and MCP server–based credential access for AI agents.

Support is available for both x86 and ARM hardware architectures.

Extensions

  • Added session heartbeat reporting for native SSH client connections to provide continuous visibility into session activity and status.

  • Enhanced the MCP Server specification to support AI Agent initiated action requests, including the ability to wait for approval and handle approval or rejection outcomes before granting access to credentials.

  • Added support for custom install locations for offline installation and update.

  • Added support for deployment of the application on Linux systems that use OpenRC for service management.

  • Optimized performance of background operations.

  • Updated copyright year of apptool utility.

  • Added the option to run Jobs report with custom date range specified in the screen URL.

Security

  • Updated application WEB framework to the latest version.

  • Updated dashboard charts component to the latest version.

  • Updated markdown rendering component to the latest version.

  • Updated Terminal Interaction toolkit to the latest version.

  • Updated REST API Documentation component to the latest version.

Fixes

  • Fixed the issue with termination of internal services during shutting down or hot re-deploying the WEB application.

  • Added system log messages about stopping internal background services.

  • Fixed the issue with including gateway component to the offline installer.

  • Fixed deployment compatibility for standard distribution of Alpine Linux.

  • Fixed PDF export issue with long field values.

Release notes for the April, 5 2026 update

Update Version 4.1.202604031457

New Features

Added URL and API Blocking for Web HTTP Sessions

Introduced the ability to block specific URLs and API calls within Web HTTP sessions. This option enables administrators to restrict access to defined areas of destination web portals based on command filters associated with users and assets.

For example, organizations can prevent users from generating API tokens in a web portal while still allowing access to the rest of the application. This provides granular control over user actions in the WEB browser without impacting overall usability.

Added Full Transcript Recording for Web HTTP Sessions

Introduced the ability to record a full transcript of browser-to-portal communications during Web HTTP sessions, complementing existing video recording capabilities for enhanced visibility and auditing. This option captures all HTML traffic between the browser driver and the destination web portal, including requests, responses, and message bodies, and stores it as a searchable text transcript.

This capability enables organizations to support DLP policies and gain detailed visibility into user activity within management portals for auditing and investigation purposes.

Added Split Knowledge Option for Credential Access

Introduced a Split Knowledge option to display only a segment of a password when accessing credentials. This feature enforces dual control for sensitive accounts by dividing a credential into two independent segments and granting each user access to only one segment.

Users assigned to different segments must collaborate to reconstruct the full credential when required. This reduces the risk of misuse, supports segregation of duties, and helps meet regulatory requirements for shared control over highly privileged access.

This control is commonly used in high-security environments to prevent insider threats and ensure that critical actions require multiple authorized participants.

Added MFA Enforcement for Native PowerShell Sessions

Introduced support for enforcing MFA on sessions established using native PowerShell clients. This ensures user identity is verified before access is granted to remote PowerShell sessions, strengthening security for privileged operations.

Extensions

  • Improved MCP Server documentation and design to better guide AI agents in discovering authorized resources, requesting access, and securely obtaining credentials for network assets.

  • Added the option to request access to view or rotate the Break Glass Key, with optional MFA enforcement prior to executing the approved action.

  • Added out of the box Command Filter High-Risk Commands (Linux/Unix) as an example of command filters.

  • Added Windows Password Reconcile by Account Itself script for faster password reconciliation of local windows accounts.

  • Added Windows Password Reconcile by Shadow Account script for faster password reconciliation of local windows accounts.

  • Added support to report failed authentication and authorization events to the application event log.

Security

Components update
  • Updated application WEB framework to the latest version.
  • Updated Informix driver to the latest version.
  • Updated internal scripting language to the latest version.
  • Updated server side logging component to the latest version.
  • Updated REST API documentation component to the latest version.
  • Updated context help rendering toolkit to the latest version.
  • Updated Code Editor view component to the latest version.
  • Updated application icons component to the latest version.
  • Downgraded compilation language component to the latest version supported by the framework build.
  • Updated Terminal Interaction toolkit to the latest version.
  • Updated MariaDB Driver to the latest version.
Updated Web Container Configuration

Enhanced the out-of-the-box Web application configuration to improve security, performance, and observability:

  • Disabled the ability to shut down the application via local port.
  • Improved performance for handling small packet transfers.
  • Disabled disclosure of Web container vendor, version, and related identifying details.
  • Disabled automatic deployment of applications copied into the deployment directory.
  • Added protection against Cross-Site Tracing (XST) attacks.
  • Enabled suppression of stack traces, container version, and internal error details in responses.
  • Added support for resolving real client IP addresses when accessed through a load balancer.
  • Enhanced access logs to include real client IP (beyond the load balancer) and response time.
Updated bootstrap system logger configuration

Improved the bootstrap system logger configuration for better stability and log management:

  • Disabled automatic reloading of updated configuration files.
  • Removed color coding from file-based logs.
  • Increased log retention period to 90 days.
  • Disabled reporting of code location in log entries.
Updated Web Application Configuration

Enhanced the Web application configuration to strengthen security and standardization:

  • Disabled all default pages except the actively used index.html.
  • Renamed the application internal name.
  • Updated to the latest schema standards.
  • Enforced HTTPS for all communication with the Web application.
  • Added protection against clickjacking attacks (preventing embedding in iframes).
  • Added protection against MIME sniffing attacks.
Improved Security of login screens

Enhanced the security of login and registration pages:

  • Fixed an issue where error messages varied on the login page; now a consistent response is returned for all authentication failures.
  • Added protection against cross-site attacks to the Web application login page.
  • Added protection against cross-site attacks to the Web application registration page.
  • Added integrity attributes to authentication pages stylesheets.

Fixes

  • Fixed the issue with displaying escaped special sequences in the recording of the sessions established using native PowerShell clients.

  • Fixed the issue with displaying commands automatically generated by aliases in the recording of the sessions established using native PowerShell clients.

  • Fixed the issue with displaying session player progress bar on some client devices for the sessions established using native SSH or PowerShell clients.

  • Fixed the issue with the update availability message on the application dashboard to be visible for the auditors and administrators only.

  • Fixed the issue with the maximum password length on the default password requirement to be 64 characters.

  • Improved error message about the failure to connect to a peer node to include the node and endpoint URL.

  • Fixed the default file logger configuration to exclude line coloring in the log files and to increase log files retention to 90 days.

  • Fixed the issue with both client- and server-side input validation on user profile fields Mail, Last Name and First Name.

  • Fixed the issue with retrieving user context on the client side from the server with invalid asset parameters.

  • Fixed the issue with resolving issuer for system events, SAML and authentication tokens for the master users navigation from the base tenant to the asset one.

  • Fixed the issue with rotation and archiving of console logs on Linux platforms.

  • Fixed the issue with large exceptions were recorded in system logs in response to port scanning activity on the RDP proxy port.

Release notes for the March, 29 2026 update

Update Version 4.1.202603271934

New Features

Added Video Recording for PowerShell Sessions

Added support for video recording and playback of sessions initiated from native PowerShell and WinRS clients. Recordings can be enabled per user, user group, asset, or group of assets, providing flexible control aligned with existing session recording policies.

Session recording provides visibility and accountability for privileged access. It supports compliance with clear audit trails, strengthens security through faster investigation and threat detection, and helps train teams by capturing real-world interactions.

Security

  • Updated application WEB framework to the latest version.

  • Updated network streaming component to the latest version.

  • Updated code editor language component to the latest version.

  • Updated Data Serialization component to the latest version.

  • Updated Terminal Interaction toolkit to the latest version.

  • Updated WEB application language compiler to the latest version.

  • Updated WEB HTTP sessions driver to the latest version.

Fixes

  • Fixed the issue with complexity of action request protocol between AI Agent and the MCP Server.

  • Fixed the issue with the delay exiting the PowerShell proxy session.

Release notes for the March, 22 2026 update

Update Version 4.1.202603201558

Extensions

  • Added the option to navigate to the member asset from the Members list on the asset view screen.

  • Added support for the task executions to use default values of asset type fields in case the field is not defined on the asset level.

  • Added Script Timeout (in seconds) field to the Windows Host asset type to fine tune execution of long running scripts.

Security

  • Updated application WEB framework to the latest version.

  • Updated application WEB Container to the latest version.

  • Updated IP Address toolkit to the latest version.

  • Updated MS SQL Driver to the latest version.

  • Updated XML Data Binding component to the latest version.

  • Updated database access component to the latest version.

  • Updated dashboard charts component to the latest version.

  • Updated WEB application icons to the latest version.

  • Updated markdown rendering component to the latest version.

Fixes

  • Fixed the issue with executing long running PowerShell scripts on the remote Windows endpoints.

  • Fixed the issue with Windows Firewall Management script to operate on non-English operating systems.

  • Fixed the issue with releasing WinRM session on the remote Windows endpoints after executing sequence of jobs on them.

  • Updated Line Reader component used in the sessions established by native desktop or mobile SSH clients to the latest version.

  • Fixed the issue with reference to the full application REST API in the MCP Server entry endpoint.

  • Fixed the issue with missing PowerShell access server port configuration on the application initialization screen.

  • Fixed the issue with the context help for access servers on the application initialization and on the tenant editing screens.

  • Fixed the issue with exporting AI Insight query to PDF file in the non-English GUI.

  • Fixed the issue with preserving the list of assets in the application command line shell between connecting to assets.

  • Increased default timeout for peer node communications.

  • Optimized application WEB console performance.

  • Fixed the issue with the application online installer scripts to terminate the installation when Internet connection is not available or the distribution binaries are not accessible with the appropriate error message suggesting a user to use offline installer.

  • Fixed the Linux setup utility performance and distribution compatibility to check WEB HTTP driver dependencies and suggesting an FAQ article to install WEB HTTP Driver dependencies when required.

Release notes for the March, 15 2026 update

Update Version 4.1.202603122011

New Features

Added PowerShell Connection Brokering for Windows Endpoints.

Introduced the ability to broker PowerShell connections to Windows endpoints through the PAM platform. This feature enables Zero Trust access from native PowerShell clients without exposing or transferring endpoint credentials to the client device.

The broker transparently intercepts and routes PowerShell remoting traffic through the PAM server, which securely injects privileged credentials stored in the PAM vault. Users can establish fully interactive remote PowerShell sessions or execute individual commands while privileged credentials remain protected and never disclosed.

The PowerShell broker operates in an agentless mode, requiring no additional software on either the client or the target Windows endpoint. All PowerShell traffic is monitored and controlled directly by the broker, enabling secure and governed privileged access.

Supported capabilities include:

  • Real-time credential injection into PowerShell session traffic
  • Role-based access control (RBAC) for PowerShell connection permissions
  • Flexible request approval workflows, including automatic approval, selective rejection, and multi-layer approval chains
  • Secure brokering of PowerShell connections to isolated datacenters through peer node gateways
  • Event logging for brokered PowerShell session activity
Added MCP Server for AI Agent Credential Access

Added support for a Model Context Protocol (MCP) server to provide a secure, standardized interface for AI agents to discover authorized data sources and obtain credentials for connecting to external systems, tools, and repositories.

The MCP server acts as a plug-and-play bridge between AI agents and enterprise resources, enabling agents to search for accessible data sources, request access, and retrieve connection parameters according to defined security policies.

Supported capabilities include:

  • Automatic discovery of available data sources and access capabilities by AI agents

  • Role-based access control (RBAC) for granting access to discoverable data sources

  • Flexible request approval workflows, including automatic approval or multi-layer approval chains

  • Event logging and audit trails for credential and access parameter retrieval

Extensions

  • Added Asset Type Secret with Password and Tags fields.

Security

  • Updated application WEB framework to the latest version.

  • Updated WEB HTTP Sessions driver to the latest version.

  • Updated REST API component to the latest version.

  • Updated PDF generation component to the latest version.

  • Updated Line Reader component used in the sessions established by native desktop or mobile SSH clients to the latest version.

  • Updated Code Editor commands, state and view components to the latest version.

  • Updated client side security sanitation component to the latest version.

Fixes

  • Optimized performance of dashboard chart component by replacing 3rd party wrapper component with the lightweight implementation.

  • Fixed the issue with completing the session after failing to save session recording.

  • Fixed the issue with failure to save sessions recording to the invalid recording storage.

  • Fixed the issue with internal label key present in the feedback message about the mass operations execution.

  • Fixed the issue with Enforce Policies operation executed for the single asset from the asset list actions menu.

  • Fixed the issue with detecting default WinRm firewall rule status on the non-English language Windows devices.

Release notes for the March, 8 2026 update

Update Version 4.1.202603062055

Extensions

  • Added the option to transparently share WEB Session clipboard between local and remote devices.

  • Added support to upload asset password into the remote clipboard with the option to request access using approval workflow using WEB Session control box.

  • Added the option to send Ctrl-Alt-Delete keystroke to the WEB session.

  • Added auto-hide behavior for the Web Session Control Box when the mouse leaves the control area, with visibility maintained while the pointer remains inside.

  • Added the option to Join WEB session with URL shared from the WEB Session control box.

  • Added the list of active sessions to the asset view screen with the options to terminate or to join the session.

  • Added the option to refresh Asset View screen to update the asset state, the list of active sessions and the state of the action request approvals.

  • Added the option to the application shell interface to switch container and to connect to the asset based on the sequential number generated by the last listing command.

  • Added the option to filter session events report by Process events.

Security

  • Updated application WEB framework to the latest version.

  • Updated database access component to the latest version.

  • Updated WEB HTTP Sessions driver to the latest version.

  • Updated dashboard charts component to the latest version.

  • Updated sessions player component for SSH sessions established using native desktop or mobile clients to the latest version.

  • Updated Code Editor view component to the latest version.

  • Updated REST API Documentation component to the latest version.

  • Updated Line Reader component used in the sessions established by native desktop or mobile SSH clients to the latest version.

  • Updated HTTP communication component to the latest version.

Fixes

  • Fixed the issue with capturing transit credentials for RDP sessions established using native desktop or mobile clients after enrollment new user to MFA or after enforcing MFA authentication during WEB login.

  • Fixed the issue with the blanket warning about the module permission during installation on the Linux platforms.

  • Fixed the issue with requirements to install WEB HTTP Sessions driver graphical dependencies on Linux platforms.

  • Fixed the issue with requirements to update AppArmor configuration for WEB HTTP Sessions driver on Linux platforms.

  • Fixed the issue with the File Manager available on the VNC sessions.

  • Fixed the issue with password sanitation in Clipboard session events.

  • Fixed the issue with OpenAPI documentation for asset credentials REST API.

  • Fixed the issue with the Login button on the login form is enabled with no user provided.

  • Fixed the issue with the system owner registration form Register button is enabled when there is no user provided.

  • Added error feedback about typical errors on the system owner registration form such as user is not provided, user login name contains non-alphanumeric characters, selected password is too short, or passwords mismatch.

  • Fixed the issue with password masking of high entropy that include open and close brace characters.

  • Fixed the issue with the keyboard shortcut to save Peer configuration for the asset.

Release notes for the March, 1 2026 update

Update Version 4.1.202602271557

New Features

Added the option to detect and log process launches within RDP sessions.

The new process monitoring option detects applications launched within RDP sessions established through the proprietary Web client as well as native desktop and mobile clients.

For each detected process, detailed metadata is captured as a session event, including process name, executable path, launch parameters, window title, and the user context if executed under a different account.

Process events are available in the Session Events report and are also synchronized with the session video player, allowing direct navigation to the exact point in the recording where the process was started.

This capability enables auditors and system owners to review graphical RDP sessions more efficiently using structured transcripts and AI-powered analysis, while providing fast video navigation for monitoring, investigation, or training purposes.

Extensions

  • Added auto-tagging support for the process of Discovery and Import privileged accounts from Windows devices.

  • Added the option to search session events by the event object (file name, etc).

  • Added documentation for database objects that could be used in the Used Defined reports.

Security

  • Updated application WEB framework to the latest version.

  • Updated dashboard chart component to the latest version.

  • Updated REST API data biding component to the latest version.

  • Updated database access component to the latest version.

  • Updated database pool component to the latest version.

  • Updated Code Editor language component to the latest version.

  • Updated WEB Icons component to the latest version.

  • Updated client side package manager to the latest version.

  • Updated string management component to the latest version.

  • Updated PDF tables generation component to the latest version.

  • Updated SSL / TLS strategy during communications with integrated applications to the latest version.

  • Updated CSV parsing procedure used in CSV, Windows, Kubernetes import as well as SQL Driver to the latest version.

  • Updated CSV generation procedure used in report export to the latest version.

  • Updated the data binder mapper construction to the latest version.

  • Updated namespace utilization in the SAML parsing to the latest version.

Fixes

  • Fixed the issue with extra space appearing in long previews in the Session Events report.

  • Fixed the issue with session events details panel for the events close to the end of the recording to fit to the screen.

  • Fixed the issue with WEB RDP Session recording for RDP sessions with certain mouse activities.

  • Fixed the issue with Events dropdown in the session player displaying line breaks in the event preview.

  • Fixed the issue with too narrow events dropdown in the session player.

  • Fixed the issue with distorted asset icons for some of the assets with long names.

  • Fixed the issue with distorted asset icons for the asset types with long names.

  • Fixed the issue with disabling the Register button when clicked on the initial registration screen.

  • Fixed the internationalization issue with error messages produced by WEB HTTP sessions.

  • Fixed the issue with the blanket message about file storage for video recordings detection for the configurations without custom file storage configured.

  • Fixed an issue causing a generic error log message related to saving session transcripts for non-SSH sessions.

  • Fixed the error message about saving session transcripts.

Release notes for the February, 22 2026 update

Update Version 4.1.202602201334

New Features

Added the option to review text transcript of SSH sessions.

The option allows to download a complete input and output text transcript of SSH sessions established through both WEB client or native desktop or mobile clients.

In addition to full session video recording and session events logs, text transcripts support forensic investigations by providing searchable and reportable evidence, helping detect sensitive data access, privilege misuse, and insider threats, while also simplifying operational troubleshooting.

Added instant query option to the Ask AI dialogue.

The option allows to quickly query Cloud AI (such as OpenAI or Azure OpenAI) about the results visible on the Events, Session Events, Sessions and Jobs reports as an alternative of using preconfigured prompts.

Extensions

  • Added support to display session events on the session player timeline and in the list of session events with the options to navigate between the events for the sessions established through the native desktop or mobile SSH clients.

  • Optimized resource utilization during video playback of sessions established through native desktop or mobile RDP clients.

Security

  • Updated application WEB framework to the latest version.

  • Updated REST API documentation controller to the latest version.

  • Updated server side application test framework to the latest versions.

  • Updated SSH session transcript player to the latest version.

  • Updated client side markdown processing component to the latest version.

  • Updated Code Editor view component to the latest version.

Fixes

  • Fixed the issue with creating session objects for the sessions established through native desktop or mobile RDP clients.

  • Fixed the issue with missing filter by Created date on the list of Cloud AI Insights.

  • Fixed the issue with selecting dates using date picker.

  • Fixed the issue with moving the Ask AI dialogue on the screen.

  • Fixed the issue with displaying or navigating through session events that contain too long or too short words.

  • Fixed the issue with displaying the event on the session event report that contains long string without white spaces.

  • Fixed the issue with maintaining heartbeat time for the sessions established using native desktop or mobile RDP client.

  • Added initially hidden out of the box Process Monitoring field to the Windows Host asset type to support upcoming option to record session events about started processes on the Windows endpoints.

  • Fixed the issue with password masking applied for Keyboard input events only.

Release notes for the February, 15 2026 update

Update Version 4.1.202602130935

New Features

Extended privileged control and monitoring for the sessions established using native desktop or mobile SSH clients.

  • Text Transcript: Added the option to download a complete input and output text transcript of SSH sessions established using native clients. In addition to full session video recording, text transcripts support forensic investigations by providing searchable and reportable evidence, helping detect sensitive data access, privilege misuse, and insider threats, while also simplifying operational troubleshooting.

  • Session Events: Added the option to record keyboard events in the SSH Sessions established using native clients.

  • Session Events: Added the option to record Bracketed-paste events in the SSH Sessions established using native clients.

  • SSH Exec: Added support for Command Filters in SSH exec sessions established using native SSH clients. In addition to regular filtering of remotely executed commands, this option allows selected commands — but not all — to be executed with elevated privileges from within a non-privileged session on the same device.

Added the option to request a password reset for local directory users

This option allows system owners to flag a user account in the local directory to require a password reset at the next login to the application WEB Console.

It is particularly useful when onboarding new users — especially external, temporary, vendor, or contractor accounts — helping regulated organizations enforce secure first-login credential policies. It can also be applied following a security incident to require privileged users to immediately renew their passwords and reduce the risk of compromised credentials remaining in use.

Added automated privileged initialization for SSH Sessions

This option allows system owners to schedule execution of a predefined command — including securely supplying a password — before releasing session control to the user.

It is useful for elevating privileges on network devices that require non-standard escalation commands. It can also automatically launch database clients with privileged connections pre-established, mount sensitive resources required for the session, or perform preparatory configuration to ensure the session starts with the appropriate level of privileged access.

Added the option to run scripts on a group of assets

This option enables bulk execution of a selected script across all assets of a chosen type within a specified container.

Group execution is useful in scenarios such as resetting passwords on RHEL servers hosted in AWS following a security incident, or rotating administrator passwords on Windows Server 2016 Domain Controllers after a vulnerability has been identified and remediated to ensure previously exposed credentials are no longer valid.

Extensions

  • Added the option to store session video recordings and file transfers in the location outside of the application deployment folder.

  • Added the option to reset password for the asset using user provided password instead of generated one. The password provided by the operator should comply with the password requirements configured for the asset.

  • Added the option to search assets by asset type including support to save queries with asset type condition.

  • Added support to prompt approver for a comment when approving action requests.

  • Added the option to export Event, Session, Session Event and Jobs reports to text format.

Security

  • Updated WEB application framework to the latest version.

  • Updated database access component to the latest version.

  • Updated Code Editor view and command components to the latest version.

  • Updated HTTP transport component to the latest version.

  • Updated Markdown rendering component to the latest version.

  • Updated PostgreSQL driver to the latest version.

Fixes

  • Fixed the issue with the documentation link on the Access Wall configuration page.

  • Fixed the issue with search center label translations when refreshing the asset list screen using browser refresh.

  • Improved visibility of read only information fields on the approve and reject dialogues.

  • Fixed the issue with displaying Japanese characters in WEB SSH sessions.

  • Fixed the issue with Job Pool and Job Runner labels on the Peer Node Configuration and Tunnel Configuration screens.

  • Extended the selection list of the out of the box Network Appliance Enable Level field to include 15 levels. The fix is applied for the new tenants. In the existing tenants the selection in the Enable Level choice field should be updated using the application GUI.

  • Extended the maximum limit to open a Safe Link to 12.

  • Extended system logging to troubleshoot WEB HTTP Sessions component interactions.

Release notes for the February, 8 2026 update

Update Version 4.1.202602061610

New Features

Added the option to Discover and Import Kubernetes containers.

This option automatically discovers namespaces, pods, and containers within Kubernetes deployments and can optionally import them into the Credential Vault. It supports both discovery-only and discovery-and-import modes, enabling organizations to identify and manage containers running across Kubernetes environments.

Discovery and import processes can be scheduled to run periodically, ensuring the Vault stays up to date as new pods and containers are created.

To reflect the hierarchical structure of Kubernetes and simplify navigation and search, the import process maps Kubernetes namespaces and pods to Credential Vault folders, creating individual containers as assets within their corresponding namespace and pod.

Imported assets automatically inherit discovery access and authentication for immediate privileged access.

The import process applies Intelligent Tagging rules to imported assets, enabling easier search, streamlined asset management, and consistent application of system policies.

Extensions

  • Added out of the box asset type Network Appliance to encapsulate privileged access elevation using enable mode as well as password reset and verification for network devices such as Cisco, Cisco Nexus, Palo Alto, Juniper, Brocade, NetApp, F5 BIG-IP, Fortigate, Netscaler, etc.

  • Added human readable explanation for the LDAP error codes.

  • Added support for elevating permissions of the sessions established using native desktop or mobile SSH clients.

  • Added WEB HTTP sessions error feedback to the WEB session screen.

  • Enhanced visibility into quick-launch session access denials by displaying the reason for denial.

  • Added the option to apply Intelligent Tagging rules based on the asset name.

  • Added the option to apply Intelligent Tagging rules based on the Kubernetes import source.

Security

  • Updated WEB application framework to the latest version.

  • Updated IP Address utility component to the latest version.

  • Updated server side REST API component to the latest version.

  • Updated database access component to the latest version.

  • Updated server side build component to the latest version.

  • Updated WEB application build component to the latest version.

  • Updated Code Editor View component to the latest version.

  • Updated XSS protection dependency component to the latest version.

  • Updated client side patterns expansion dependency component to the latest version.

  • Updated network streaming component to the latest version.

  • Updated Oracle RDBMS driver to the latest version.

  • Updated XML Binding API component to the latest version.

Fixes

  • Fixed the issue with removing an asset from the policy by changing asset or policy tags should remove firewall rules on the asset endpoint generated by the policies previously assigned to this asset.

  • Fixed automatic logout caused by inactivity timeout while editing unsaved forms.

  • Fixed the issue with duplicate confirmation dialog when navigating out of unsaved form to the list of objects.

  • Fixed the issue with deleting an asset that has historical sessions.

  • Fixed the issue with session permission elevation mode for Network Appliances (Cisco, Palo Alto, Juniper, NetApp, etc) and IBM i devices.

  • Fixed the issue with automatic execution of commands during establishing SSH session to the remote device.

  • Fixed the issue with saving VMWare integration editing form with malformed URL.

  • Fixed the issue with duplicate creation of Windows Defender Firewall rules for the source IPv6 address with 128 mask.

  • Fixed the issue with initializing Management Server IP List with the IPv6 sub-net with 128 mask when creating new tenants.

  • Fixed the issue with enabling Save button and screen exit protection after selecting a user or a group on the MFA Rule editing screen.

  • Added the protocol information to the system log message about failure to start the session because of unknown protocol.

  • Improved privileged web HTTP session brokering by adding multiple connection attempts to the browser driver.

  • Fixed the issue with site name validation in the Create and Update Site forms to enforce allowed characters.

  • Fixed the issue with creating or editing sites to allow dashes in the site name.

  • Fixed an issue with deleting assets that have directly associated Peer Nodes and Access Profiles.