Check below the new features, improvements, and errors fixed in this version of senhasegura.
For GO Endpoint Manager
Currently, in version 3.27, the packages for operating GO Endpoint Manager are functional with the 3.28 version of the senhasegura application. These features will be available in a future patch update for GO Endpoint Manager. Thank you for your patience and understanding.
š” Highlights
Integration with KeyVault Azure
The integration of DevOps Secret Manager senhasegura with the Key Vault Azure cloud service improves the management and security of secrets, adding resources of rotation and encryption in transit and at rest. The solution ensures productivity and reliability for the DevOps chain throughout the privileged information lifecycle. In addition, developers and pipeline administrators have better visibility and consumption statistics. The result is a high standard of security guaranteed by the union of leading companies in the market.
What's New in MySafe
MySafe, recently launched by senhasegura, has improved its usability and security. Worthy of mention is the ability to import and migrate data from Keeper and LastPass tools, as well as the option to verify old information through versioning and control the reactivation of passwords, files, and notes. With these new functionalities, MySafe becomes even more efficient in managing, storing, and sharing confidential information, always following the best security practices in the market.
Creation of User Groups
To enhance the use of senhasegura, a new entity called the "User Group" is being developed. The purpose is to offer an even more fluid and intuitive experience to users of our products. The first version of the āUser Groupā is available and works by associating users who have similar permissions, which are linked to an access group. This access group works as a filter that segregates the actions a user can perform within the platform. In this scenario, the same user can belong to different access groups, and the āUser Groupā makes it possible to structure permissions appropriately, following the concept of least privilege and guaranteeing the security of decision-making.
ā Changelog per module
PAM Core
Bug fixes
Item
Description
4886
Fixed a bug where information such as menu and title were sometimes not visible within scheduled reports.
5160
Fixed a bug where senhasegura would send 15 email alerts about the expiration of protected information.
3680
Fixed an error where "view password" notification emails were being sent in the language preference of the user who viewed the password instead of the email recipient's language preference.
4940
Fixed bug where "Start Session" button appeared in search bar for credential results even when device had no connectivity causing "Unexpected error" message.
5257
Fixed bug where the Terminal Proxy was unable to display Polish characters correctly.
5315
Fixed issue with Russian characters in HTTP sessions with the Web proxy on senhasegura. Previously, only a few keys were recognized, causing other keys to not be recognized or printed.
5407
Fixed issue where starting a Remote Desktop Protocol (RDP) Proxy session with credentials in the format of "domainName\credentialName" would result in an error preventing the session from starting.
5302
Fixed bug where the variable [#USERNAME#] used in the Access Group failed to filter credentials starting with 0 (zero).
5343
Fixed issue where selecting Risk Analysis in the actions menu of a finished remote session would open a new browser window with an "Internal Server Error" message. This issue occurred when using Portuguese, French, or Spanish language.
5149
Fixed issue where users would get an "Internal Server Error" when they tried to use "Emergency Access" after their request was already denied. The error occurred when they tried to provide a justification for their request.
3921
Fixed scenario where if a password validation failure occurred during the credential registration process and the user manually entered the password, they would be unable to save the credential information, requiring them to start a new registration form.
4637
The bug causing the system to crash for domain users with two or more emails associated with their accounts when using LDAP group sync was fixed.
5846
Fixed error that prevented users from performing "Emergency Access" during an RDP Proxy session with domain credentials on devices where the credentials were not registered.
5941
Fixed bug that prevented the start of a Livestream for an active remote session.
Product Updates
Item
Description
4668
During the initial wizard setup in senhasegura, a warning box was added to alert users that if DHCP is enabled in the operating system, DNS configuration may not work.
605
The detail view icon was incorrect in some reports. We have replaced the three lines with a magnifying glass icon.
4786
The "Active" and "Role status" search filters are now enabled by default in the Roles by Users screen.
5000
Added the option to select the Polish keyboard layout for web sessions.
5000
Added the option to select the Polish keyboard layout to be used in web sessions.
4948
Added option to change the password via LDAP\LDAPS of FreeIPA users.
4813
Added support to OAuth 2.0 authentication over IMAP, POP, and SMTP protocols.
5140
Improvement of the content from approval notification of the video session by email
4573
Added the [host_ip] tag for use in the "Value" field of Web Session Parameters configuration.
4894
Updated option "Enable password change after login?" for change the password only if automatic password change is enabled.
4942
Added an approval structure for specific queries
5107
Usability improvements to the SSH keys details screen
4808
Improvement in the batch import spreadsheet of credentials.
4088
Improved how senhasegura displays sensitive fields when configuring login providers and ITSM integration. Also, standard terminology is now used for secrets, keys, or tokens.
3642
Adjustment in the endpoint used for integration with ITSM servicenow to query Requisition tickets.
3690
Added batch registration to allow for editing or creating multiple users and their main providers in the "providers per user" feature.
5106
Improvement of the visualization of AD groups with list display in alphabetical order
5258
Users can now upload icons for their devices categorized by Vendors, Types and Products.
3221
The screen titles for "Settings > Backup > Protected Information" and "Dashboards > System Consumption > Protected Information." now use "Protected Information" instead of "Secrets" to avoid confusion with other features that also use the term "Secrets."
5796
Changed the LDAP group synchronization configuration to use the new feature of user group entities.
3329
Now users can export a report with all their personal information saved in senhasegura, to comply with LGPD and GDPR regulations.
5335
Added an option to use Azure AD Provisioning as an authentication provider in senhasegura.
5163
Added Approval Workflow for user permission change.
5379
Added support for user authentication with SSO using SAML and 'X509 MultiFactor' enabled.
4100
When the device has no registered connectivity, the "Start Session" action will not be displayed for the credentials.
5148
Added option to view session video directly from senhasegura dashboard, and fast-forwarding to the moment when the command is executed.
5013
The "Start sessions locally" shortcut functionality will no longer display shortcuts for RDP and SSH downloads for credentials if the device does not have the respective connections added.
3642
Changed how the ServiceNow ITSM integration works, where senhasegura was unable to find all ticket types in ServiceNow.
5416
Added the feature User Groups which allows the association of access groups to a single group.
5336
Added a new tag āCustom Codeā to launch web sessions as a third login field.
New Feature
Item
Description
3455
The user password change screen has added an option to generate a password.
4612
An icon with a link to senhasegura documentation was added to the product screens.
5685
Added a default RemoteApp for bypassing insecure certificates.
3310
Improved the way senhasegura sets up and provides feedback about the Batch User Import process.
Security
Item
Description
5776
Fixed the scenario where some features were allowing users to watch recorded sessions without going through the approval workflow.
5283
Fixed security issue that could occur during automation in a web session.
Translation Fixes
Item
Description
5500
Fixed untranslated strings in the Polish language for the web session.
5073
General translation fix.
5853
Fixed the translation of risk analysis events from a session.
senhasegura Proxies
Product Updates
Item
Description
4705
The user will no longer be immediately disconnected if you mistyped your MFA when authenticating with the Senhasegura Terminal proxy. Instead, you will have three attempts to enter the correct MFA before closing the connection.
Discovery
Bug fixes
No changes.
Product Updates
No changes.
New Feature
No changes.
Certificate Manager
Bug fixes
Item
Description
3804
The bug causing the system to crash when users included the '&' symbol in their passwords to download certificates was fixed. The system now displays a message indicating that '&' is not an allowed password symbol.
4617
The bug causing the system to present -1 as a value for the ISPB inside Certificates A1 was fixed. Now, the system displays āundefinedā if thereās no ISPB value informed.
5362
The bug that prevented Certificate Manager from signing certificates with a Microsoft CA through the Network Connector was fixed.
Product Updates
No changes.
New Feature
No changes.
Orbit
Bug fixes
No changes.
Product Updates
Item
Description
4571
The notification message has been updated to notify users when the "Hostname" or "Timezone" values are changed. After changes, a system reboot is needed. A new license may be required too. If other fields are changed, only related services will be restarted.
4514
Now it is possible to check system incidents and alerts using Orbit web.
New Feature
Item
Description
4133
Monitoring tools for GCP have been added to the senhasegura VM.
5184
Added new command for setting up backup schedule (orbit backup time)
GO Endpoint Manager Windows
For GO Endpoint Manager
Currently, in version 3.27, the packages for operating GO Endpoint Manager are functional with the 3.28 version of the senhasegura application. These features will be available in a future patch update for GO Endpoint Manager. Thank you for your patience and understanding.
Bug fixes
Item
Description
4961
Fixed problem with the PEDM Windows automation that caused the macro to click in the wrong place during automation.
5771, 5891
Fixed a bug that caused UAC to not work when MFA was enabled.
5807
Fixed bug to manually add files with "msc" extension in GO Endpoint Manager Core.
Product Updates
Item
Description
5027
Improved performance for the senhasegura API.
5360
Improved performance of how the GO Endpoint Manager for Windows saves logs.
5137
Improvement on how passwords are stored using senhasegura Vault credentials in offline mode.
5423
Improved automation execution to prevent errors for applications requiring privileged access.
5467
Updates are now more efficient, only updating installed modules instead of all three when installing only one or two.
4789
Improved the performance of session recording in GO Endpoint Manager for Windows.
5736
Updated driver for web automation.
5795
Added notifications on the workstation when synchronizing policies, credentials, and local groups in GO Endpoint Manager for Windows to indicate the start and end of the sync.
New Feature
Item
Description
5104
New reports for GO Endpoint Manager for Windows are now available. These reports provide information about deleted users in local groups, users in the local administrators group, and users in the local power users group.
5004
Added parameterization of directories to be ignored in the start menu scan.
4998
Added the option to specify directories that should be ignored during application scanning.
4999
"Segregation by users" is now an additional option for administrators to create PEDM window policies and segregated parameters.
4118
When offline mode is enabled, the PEDM agent uses the last synchronized policy, allowing the user to continue working through PEDM even if the workstation is offline.
GO Endpoint Manager Windows - Legacy
For GO Endpoint Manager
Currently, in version 3.27, the packages for operating GO Endpoint Manager are functional with the 3.28 version of the senhasegura application. These features will be available in a future patch update for GO Endpoint Manager. Thank you for your patience and understanding.
Bug fixes
Item
Description
5196
Improved user elevation flow to be compatible with Windows 7/ Server 2008 R2.
5169
Fixed error where the remote session identifier for the agent was not being sent to the senhasegura backend, resulting in the agent being unable to run registered applications.
GO Endpoint Manager Linux
For GO Endpoint Manager
Currently, in version 3.27, the packages for operating GO Endpoint Manager are functional with the 3.28 version of the senhasegura application. These features will be available in a future patch update for GO Endpoint Manager. Thank you for your patience and understanding.
Bug fixes
Item
Description
4938
Fixed error that caused negative times to be displayed under the "duration" column for GO Endpoint Manager for Linux sessions in the remote sessions report.
5081
Fixed the Access Policy form validation error. It is only possible to save an access policy if a policy has been selected on the main tab. Otherwise, the user is redirected to the main tab.
New Feature
Item
Description
4743
Changes have been made to the PEDM Linux Policies registration screen to make it simpler and more user-friendly for system administrators to add new rules.
4903, 4752
The "Rules for sudo" and "Access policies" features are now installed and executed as independent binaries.
4747
Added parameterization of functions for GO Endpoint Manager for Linux and AD Bridge.
Product Updates
Item
Description
4744
Session recording no longer requires "secpack-trec" binary. Instead, administrators can enable recording when creating a new rule.
5410
Caitsith module version update.
Domum Remote Access
Bug fixes
Item
Description
4706
Fixed a bug where using remote access created by Domum resulted in users receiving a ā500 Internal Server Errorā response.
5939
Fixed formatting issue in the access expiration warning email for Domum Remote Access users.
Product Updates
Item
Description
5185
Added an improvement that displays the customer logo on the Domum Remote Access login screen and third-party desktop, reinforcing the customer brand.
4127
Added an improvement to the Access Control History Domum“s report. It now presents details, such as the person responsible for cancellation. This feature refines the auditing, clarifying that an already approved access has been canceled.
New feature
Item
Description
4635
Added a notification in the Domum Remote Access module informing the requester, the user, or both that access is about to expire.
5338
Added the batch release feature to the Vendors menu in Domum Remote Acces. This feature prevents the administrator from selecting the same credentials repeatedly during access release.
5337
Added the SSO feature to the Domum Remote Access users with the identity management tool Okta.
3293
Added feature that enables third-party users to request their own access to a credential or to extend an already authorized access.
2929
Added a new feature to Domum Remote Access which enables the provisioning of third-party users using Identity Governance and Administration (IGA) tools.
A2A
Bug fixes
No changes.
Product Updates
Item
Description
5164
The Device values returned by the API when using the GET method to query a single device have been updated. Previously, not all available fields were displayed.
5135
Added API to create, check, edit, and inactivate Related Users.
New Feature
No changes.
Removed
Item
Description
5942
The function that allowed changing or updating an A2A application through an API has been removed.
DevOps Secret Manager
New Features
Item
Description
4076
Added integration with Azure Key Vault for rotating secrets.
4946
Added the possibility to create approval flows for viewing secrets.
4380
Added two fields for segregating information in DSM applications: Lines of Business and Types of Application. Used to organize and manage the applications registered in the product.
4413
Added the possibility to download private keys associated with secrets.
Product Updates
Item
Description
5414
Performance improvements when viewing secret versions.
Bug fixes
Item
Description
4947
Fixed the bug that caused the minutes text to follow the scrolling action.
5053
Fixed the bug that prevented automations from working when executing operations related to secrets.
4954
Fixed the bug causing the secrets not to work properly when special characters were added.
5045
Fixed the bug that caused DevOps Secret Manager access groups to not appear in AD group synchronization.
5250
Fixed the bug causing some texts not to be displayed correctly.
5056
Fixed the bug causing Ambients and Systems values to display incorrectly in the reports lists on DevOps Secret Manager screens.Fixed the bug causing ambients and systems not to be displayed correctly.
5046
Fixed the bug that caused robots for password rotation and dynamic provisioning not to execute when using Cassandra.
5054
Fixed the bug that caused Access Group processing to not be executed correctly after an API request.
5055
Fixed the bug that caused ephemeral credentials to remain accessible even after they were removed.
5047
Fixed the bug that was preventing the execution of robots for password rotation and dynamic provisioning when using Redis.
5056
Fixed an error that prevented the visualization of environments and authorization systems.
c
Product Updates
No changes.
Executions
Bug fixes
Item
Description
5109
After enabling automatic SSH key exchange, the credentials are not displayed on the password change request screen. Instead, the user has to access the "List Operations" screen to view the credentials.
Product Updates
Item
Description
4515
In operation automation, inactive action items will no longer display the option to be executed.
New Feature
No changes.
Task Manager
Bug fixes
No changes.
Product Updates
No changes.
New Feature
No changes.
Item
Description
5254
The option to schedule the execution of tasks with intervals of minutes was added.
MySafe
Bug fixes
Item
Description
5162
The new senhasegura feature "User Group entity" resolved the issue of unintentionally removing users from MySafe groups. The removal used to occur during AD Group synchronization.
Product Updates
Item
Description
5121
Updated the incorrect link on the MySafe homepage to direct users to the correct product documentation in their chosen language.
4975
Added an option for users to reactivate passwords previously created and deactivated in MySafe.
4976
Added an option for users to reactivate files previously created and deactivated in MySafe. Additionally, a filter has been implemented to list inactive files.
4977
Added an option for users to reactivate previously created and deactivated notes in MySafe.
4770
Updated the password copying feature in MySafe. Previously, when clicking "Copy password," users received a warning and confirmation request. The warning notification now appears before the click, allowing an informed decision.
New feature
Item
Description
4809
Added a feature that generates a history report for passwords, files, and notes, allowing users to view all recorded data versions and changes over time.
4756
Added the batch import feature to MySafe. The module now supports batch import of passwords and notes, allowing users to import multiple information pieces simultaneously.
4765
Added new APIs to MySafe. These APIs allow users to get and create passwords and notes. Additionally, APIs were included for deactivating, reactivating, and updating passwords and notes.
User Behavior
Bug fixes
No changes.
Product Updates
No changes.
New feature
Item
Description
4543
A behavior ranking generated through suspicious user actions within the application was created.
Translation Fixes
Item
Description
5910
Fixed translation errors in User Behavior related screens.
Network Connector
Bug fixes
Item
Description
5270
Fixed an error that occurred when synchronizing an AD group using the configured network connector, resulting in a failed sync.
Product Updates
No changes.
New Feature
No changes.
Protected Information
Deprecated
This module has been deprecated. For more information, please check the Protected Information.
General Translation Fixes
Item
Description
3101
An English string translated in the Certificate Manager module was fixed. The editing screen, previously named "New profile" has been changed to "Publish profile.ā
5721
English words showing in the Portuguese version of the Certificate Manager module were translated.
5728
Fixed the translation bug in the batch import progress screen in the Domum Remote Access module.
5729
Fixed the translation bug in the vendor shortcut description in the Domum Remote Access module .
5507
Error in the text: "Incident # XX - Master key guargian inactive". The correct spelling is "Incident # XX - Master key guardian inactive".
5282
Fixed translation error in the text of Bulk Action emails.
4660
Updated the message that displays when an administrator creates a new user without SMTP configured in senhasegura.
4919, 4974
Fixed Polish language with untranslated words.
5295
Replaced the terms "master" and "slave" with "primary" and "non-primary" to conform with the new standards established by modern clusters.