Skip to main content
Version: 3.21

Changelog

The version 3.21.0​

The following items presented in this changelog have been introduced, improved and fixed in the 3.21.0 version of senhasegura®.

caution

The changes presented are aligned with the version of the entire platform. Part Number segmentation is not considered in this document. Consult our commercial department, or your reseller, to acquire other funcionalities.

For details on which features have been enhanced or corrected for each component, see the next chapter in each module section.

info

For details on how the new items or improvements were introduced to the solution, see our documentation.

New logs database with Elasticsearch​

The new log storage system brings a significant improvement in indexing, log search, and data synchronization in clustered environments.

This new system is automatically configured during the solution upgrade process, and logs previously-stored in files will be migrated automatically to the new system with Elasticseah.

warning

Before updating or installing the senhasegura in a cluster environment it is necessary to release the port 9300 in the firewall between solution nodes.

General license consumption dashboard​

A new dashboard containing a view of the system's general consumption was added. This dashboard displays, for example, how many users have access to each module so that the person responsible for the tool can see them in the same place.

Filtering and behavior detection of DLLs​

The solution must prevent high-risk applications (such as browsers or document handlers) from starting untrusted side processes, untrusted loading DLLs, or exploiting PowerShell in content-based attacks. When an application or process is executed, it will start several DLLs. It was created measures to identify a DLL considered safe and stop the execution of any DLL that is not regarded as secure.

API for Login via Web Proxy senhasegura​

A new API method that allows the creation of a URL session for authentication in senhasegura Web Proxy was created. Through parameters, the developer will be able to define which device, in what credential, and from which IP address can be installed of the device. The URL is valid for 30 seconds after expiration. A new one must be created.

Changelog​

senhasegura®​

ItemDescription
New Feature
3503, 3726
A floating help button was added on the bottom right corner that allows access to the official documentation, senhasegura® shorts and community.
New Feature
3440
A new Tk expect plugin resource was added to change passwords called SQL Plus.
Improvement
2987
Improved the Selenium-based password change executor in Executions âžž Settings âžž Templates.
Improvement
3446
The process of changing SSH passwords was divided into distinct operations: one of the creations of the key in the origin device, and the others of publication in the target device.
Improvement
3542
Improved the internal logs database.
Improvement
3113
The reviewing and certification of access groups in PAM improved, with periodicity to analysis.
Improvement
3315
Updated the texts reading component in RDP sessions for Cyrillic support
Improvement
3499
Removed the system users from notification configurations. Still maintained only real users to be configured.
Improvement
1448
Changed the storage technology of proxy sessions texts. The text search is enhanced in performance and storage from this version and beyond.
Improvement
3699
Accomplihsed the data valdidation in Spanish and German inside proxy modules.
Improvement
2851
The alter and removal actions of an execution profile of a device were created.
Improvement
3452
Improved the monitoring of the internal vault.
Bugfix
3465
Fixed the authentication failures via Google OpenID.
Bugfix
3162
Fixed the error that caused messages to be shown in Portuguese on some pages.
Bugfix
3161
Fixed the error of URLs with non-existing permissions.
Bugfix
3580
Fixed the errors in the search filters that once the clear button was pressed, the information was not brought correctly.
Bugfix
2874
Fixed the bug that caused user by group reports do not bring up the correct access group.
Security
3184
Fixed the exhibition of emails sent through Domum in senhasegura submition screens.
Security
3676
The necessary permissions to install an instance activation license into senhasegura were reviewed.
Security
3658
Fixed the error while impersonating a profile.
Security
3494
Reviewed the proxy system security politics.

senhasegura® Terminal Proxy​

ItemDescription
Improvement
2912,3106
Added the argument domain and username that allow the visualization of all devices related to a credential or SSH key.
Bugfix
3457
Fixed the error that had terminal proxy repeating data after many information line.

senhasegura® RDP Proxy​

ItemDescription
Bugfix
3313
Fixed the error in senhasegura® RDP Proxy when using multimonitor funcion

senhasegura® Cloud​

ItemDescription
New Feature
3392
Azure reports were added in Cloud → Cloud IAM → User Roles the roles reported by service accounts to Azure service accounts.
New Feature
3391
Azure reports were added in Cloud → Cloud IAM → Account Roles the roles reported by service accounts to Azure service accounts.
Improvement
3073
An intermediate state was added when deleting a user or service account, allowing the result analysis that avoids a false positive.
Improvement
3071
Improved the synchronism of users and service accounts. The senhasegura will not remove permissions/roles added directly in Azure to users and service accounts. If it is inactivated/removed into senhasegura, it will be removed from Azure.
Improvement
1505
When registering a GCP account it was improved the validation to verify if the APIs are active.
Bugfix
3274
Fixed the issue in Azure integration.

senhasegura® WebService A2A​

ItemDescription
New Feature
3362
Added endpoint for an authenticated URL (SSO) to senhasegura® Web Proxy Session.
New Feature
2967
In the endpoints /iso/dash/risk/all and /iso/dash/sessions/all it was corrected the return message when the initial date
New Feature
2804
Created a mechanism that can authenticate API calls using AWS signature.
New Feature
3080
Implemented A2A authorization usage log in A2A → Logs.
Bugfix
3126
Fixed the error that caused the system to allow an activation of a specific authorization linked to an application even if it was deactivated.
Bugfix
3583
Fixed the public and private keys inversions while retrieving information via A2A when using sensitive information cryptography.

senhasegura® DSM​

ItemDescription
New Feature
3151
Added automatic versioning of a secret when a password of a credential with a secret linked to it has its password changed.
New Feature
2930
Created an auto-renewal of dynamic provisioning secrets according to TTL.
New Feature
2804
Created a feature that can authenticate API calls using AWS signature.
Improvement
1493
Added all secret information to your version history.
Bugfix
3381
Fixed a visualization error from the details screen after creating automation in DSM → Automations → Automations and clicking the bloom option.
Bugfix
3325
The message to provide authorization via API in an application with dynamic provisioning enabled was reviewed.
Bugfix
3382
Fixed error in database that happened while registering secret value with an empty field.
Bugfix
3379
Fixed the error of Disabled Secrets that could still be accessed via the DSM API.
Bugfix
3378
Fixed bug with DSM Automations Triggers not triggering actions.
Bugfix
3326
Fixed error that caused malfunctioning when registering a credential for dynamic provisioning in DSM.
Bugfix
3380
Fixed the bug that caused disabled authorizations got enabled once enabling an application that has relationship with the disabled one.

senhasegura® Orbit Command Line​

ItemDescription
Improvement
2993
Changed orbit output of sudo orbit version command from Orbit Console - MT4: senhasegura group to senhasegura Orbit Console when querying the version.
Improvement
3546
Added to the second instance cluster the possibility to view these log files.
Improvement
3384
Added support to new languages: Brahmic, Devanagari, Devanagari Extended, Vedic Extensions.

senhasegura® Scan & Discovery​

ItemDescription
Improvement
3067
Added an option of user group scan on target devices. To configurate the already existing Scans, this option will be automatically marked in the actualization.
Improvement
3273
Improved the connection string used by Discovery in UNIX domain credentials.
Improvement
3290
A checkbox was added that allows the user to choose to find or not the user groups.
Improvement
3291
The searching robots were improved only to find the access group its option is activated.
Bugfix
3061
Fixed a bug that happened while importing credentials via Discovery.
Bugfix
747
Fixed the scan error of target containers. The senhasegura state suggested a false positive when a mistake of SSH connection occurred.
Bugfix
3463
Fixed the configuration of accounts linked to services not being addressed by Discovery.

senhasegura® Dashboard​

ItemDescription
New Feature
2994
Added a new screen to visualize the general consumption of licenses.
Improvement
3100
Added DSM dashboards links to the Dashboard menu.

senhasegura® Domum​

ItemDescription
Improvement
3111
It was simplified the Domum parameters screen.
Improvement
3055
Added a dynamic icon that validates the connection status established with gateway.
Improvement
2959
The possibility of a re-send action of access link was added if the gateway is unavailable.
Improvement
3601
It was improved the displayed text to the user while accessing an expired link.

senhasegura® Orbini​

ItemDescription
Improvement
2748
Updated javascript libraries and packages.
Improvement
3376
Implemented the English language as fallback default if a text in the selected language is unavailable.
Improvement
3424
Added support to Turkish, Croatian and Russian on the senhasegura® RDP Proxy login screen.
Bugfix
2865
Fixed the error that caused the system to force the password to be changed even with the option unchecked.
Bugfix
3225
Fixed the error while registering the token in the first access using the digital certification as factor of authentication.
Bugfix
3422
The error that caused showing expiration date pushed when licensing senhasegura using an activation code generated with Production flag was fixed.
Bugfix
3681
Reviewed the necessary permissions to undo a user impersonation.

senhasegura.go​

ItemDescription
Bugfix
3357
Revised the security of the authenticated URLs of senhasegura.go.

senhasegura.go for Windows​

ItemDescription
New Feature
3350
Created detection event of an untrusted DLL execution attempt. The event will be registered as “Untrusted DLL execution attempt” containing the name of the DLL. The event will also be notified via SYSLOG and be available for email notification setup.
New Feature
3397
The DLLs will be able to be filtered in access lists using the same properties as an application: Product name, Product version, Certificate, File version, Directory, File hash, Internet zone identifier, Windows store publisher.
New Feature
3354
Applications that are already in execution, but contain any DLL considered as malware, will be finished.
New Feature
3385
The functionality of register requested directories functionality, which allows applications, automation and DLLs to override "allow/denylist" rules if specified within a trusted directory.
Improvement
3353
In the application filter registration, the validation rule by certificate will be obligatorily "Trusted only"
Improvement
3594
The senhasegura.go logs were moved to the “Applications and Services Logs” section of the Microsoft Event Viewer. Available in information(1000), alert(2000) and error(3000).
Bugfix
3566
Fixed the log synchronization when a workstation returns from an offline scenario.
Improvement
3679
Changed the presentation of domain credentials that previously only appeared the "username" for "domain\user" in cases where the credential has a domain. When there is no domain, it will be replaced by the workstation's name.
Security
3408
Removed the support for TLS1.1 on Windows workstations for communication with senhasegura servers. This communication will only be possible using TLS1.2 and 1.3.

senhasegura.go for Linux​

ItemDescription
Improvement
3570
Updated the politics register label of access from "Deny" to "Lock".
Bugfix
3330
Fixed a default rule to restrict the access that was being sent through the back of the PEDM Linux.
Bugfix
3127
Fixed the error in Sudo rules that was not deleting the rule if the one registered was inactivated.

senhasegura® Orbit Web Interface​

ItemDescription
Improvement
3129
Switch-like components have been standardized to avoid confusion between enabling and disable actions.
Improvement
3090
Updated the factor label of authentication from "MFA" to "2FA".
Bugfix
3363,3364
New languages supported: Spanish and German.

senhasegura® Certificates​

ItemDescription
Bugfix
3086
Fixed the error caused the certificate module not to fill in the alternative name for the certificate's subject (SAN).
Bugfix
3507
Fixed the error in Certificates → Requisitions while signing an certificate.

Protected information​

ItemDescription
Bugfix
3602
Fixed the error while registering and visualizing protected information.