Changelog v3.28
  • 17 minutes to read
  • Dark
    Light
  • PDF

Changelog v3.28

  • Dark
    Light
  • PDF

Article Summary

Release date: Monday, May 15, 2023

Check below the new features, improvements, and errors fixed in this version of senhasegura.

For GO Endpoint Manager

Currently, in version 3.27, the packages for operating GO Endpoint Manager are functional with the 3.28 version of the senhasegura application.
These features will be available in a future patch update for GO Endpoint Manager. Thank you for your patience and understanding.


💡 Highlights

Integration with KeyVault Azure

The integration of DevOps Secret Manager senhasegura with the Key Vault Azure cloud service improves the management and security of secrets, adding resources of rotation and encryption in transit and at rest. The solution ensures productivity and reliability for the DevOps chain throughout the privileged information lifecycle. In addition, developers and pipeline administrators have better visibility and consumption statistics. The result is a high standard of security guaranteed by the union of leading companies in the market.


What's New in MySafe

MySafe, recently launched by senhasegura, has improved its usability and security. Worthy of mention is the ability to import and migrate data from Keeper and LastPass tools, as well as the option to verify old information through versioning and control the reactivation of passwords, files, and notes. With these new functionalities, MySafe becomes even more efficient in managing, storing, and sharing confidential information, always following the best security practices in the market.


Creation of User Groups

To enhance the use of senhasegura, a new entity called the "User Group" is being developed. The purpose is to offer an even more fluid and intuitive experience to users of our products. The first version of the “User Group” is available and works by associating users who have similar permissions, which are linked to an access group. This access group works as a filter that segregates the actions a user can perform within the platform. In this scenario, the same user can belong to different access groups, and the “User Group” makes it possible to structure permissions appropriately, following the concept of least privilege and guaranteeing the security of decision-making.


⚙ Changelog per module

PAM Core

Bug fixes

ItemDescription
4886Fixed a bug where information such as menu and title were sometimes not visible within scheduled reports.
5160Fixed a bug where senhasegura would send 15 email alerts about the expiration of protected information.
3680Fixed an error where "view password" notification emails were being sent in the language preference of the user who viewed the password instead of the email recipient's language preference.
4940Fixed bug where "Start Session" button appeared in search bar for credential results even when device had no connectivity causing "Unexpected error" message.
5257Fixed bug where the Terminal Proxy was unable to display Polish characters correctly.
5315Fixed issue with Russian characters in HTTP sessions with the Web proxy on senhasegura. Previously, only a few keys were recognized, causing other keys to not be recognized or printed.
5407Fixed issue where starting a Remote Desktop Protocol (RDP) Proxy session with credentials in the format of "domainName\credentialName" would result in an error preventing the session from starting.
5302Fixed bug where the variable [#USERNAME#] used in the Access Group failed to filter credentials starting with 0 (zero).
5343Fixed issue where selecting Risk Analysis in the actions menu of a finished remote session would open a new browser window with an "Internal Server Error" message. This issue occurred when using Portuguese, French, or Spanish language.
5149Fixed issue where users would get an "Internal Server Error" when they tried to use "Emergency Access" after their request was already denied. The error occurred when they tried to provide a justification for their request.
3921Fixed scenario where if a password validation failure occurred during the credential registration process and the user manually entered the password, they would be unable to save the credential information, requiring them to start a new registration form.
4637The bug causing the system to crash for domain users with two or more emails associated with their accounts when using LDAP group sync was fixed.
5846Fixed error that prevented users from performing "Emergency Access" during an RDP Proxy session with domain credentials on devices where the credentials were not registered.
5941Fixed bug that prevented the start of a Livestream for an active remote session.

Product Updates

ItemDescription
4668During the initial wizard setup in senhasegura, a warning box was added to alert users that if DHCP is enabled in the operating system, DNS configuration may not work.
605The detail view icon was incorrect in some reports. We have replaced the three lines with a magnifying glass icon.
4786The "Active" and "Role status" search filters are now enabled by default in the Roles by Users screen.
5000Added the option to select the Polish keyboard layout for web sessions.
5000Added the option to select the Polish keyboard layout to be used in web sessions.
4948Added option to change the password via LDAP\LDAPS of FreeIPA users.
4813Added support to OAuth 2.0 authentication over IMAP, POP, and SMTP protocols.
5140Improvement of the content from approval notification of the video session by email
4573Added the [host_ip] tag for use in the "Value" field of Web Session Parameters configuration.
4894Updated option "Enable password change after login?" for change the password only if automatic password change is enabled.
4942Added an approval structure for specific queries
5107Usability improvements to the SSH keys details screen
4808Improvement in the batch import spreadsheet of credentials.
4088Improved how senhasegura displays sensitive fields when configuring login providers and ITSM integration. Also, standard terminology is now used for secrets, keys, or tokens.
3642Adjustment in the endpoint used for integration with ITSM servicenow to query Requisition tickets.
3690Added batch registration to allow for editing or creating multiple users and their main providers in the "providers per user" feature.
5106Improvement of the visualization of AD groups with list display in alphabetical order
5258Users can now upload icons for their devices categorized by Vendors, Types and Products.
3221The screen titles for "Settings > Backup > Protected Information" and "Dashboards > System Consumption > Protected Information." now use "Protected Information" instead of "Secrets" to avoid confusion with other features that also use the term "Secrets."
5796Changed the LDAP group synchronization configuration to use the new feature of user group entities.
3329Now users can export a report with all their personal information saved in senhasegura, to comply with LGPD and GDPR regulations.
5335Added an option to use Azure AD Provisioning as an authentication provider in senhasegura.
5163Added Approval Workflow for user permission change.
5379Added support for user authentication with SSO using SAML and 'X509 MultiFactor' enabled.
4100When the device has no registered connectivity, the "Start Session" action will not be displayed for the credentials.
5148Added option to view session video directly from senhasegura dashboard, and fast-forwarding to the moment when the command is executed.
5013The "Start sessions locally" shortcut functionality will no longer display shortcuts for RDP and SSH downloads for credentials if the device does not have the respective connections added.
3642Changed how the ServiceNow ITSM integration works, where senhasegura was unable to find all ticket types in ServiceNow.
5416Added the feature User Groups which allows the association of access groups to a single group.
5336Added a new tag “Custom Code” to launch web sessions as a third login field.

New Feature

ItemDescription
3455The user password change screen has added an option to generate a password.
4612An icon with a link to senhasegura documentation was added to the product screens.
5685Added a default RemoteApp for bypassing insecure certificates.
3310Improved the way senhasegura sets up and provides feedback about the Batch User Import process.

Security

ItemDescription
5776Fixed the scenario where some features were allowing users to watch recorded sessions without going through the approval workflow.
5283Fixed security issue that could occur during automation in a web session.

Translation Fixes

ItemDescription
5500Fixed untranslated strings in the Polish language for the web session.
5073General translation fix.
5853Fixed the translation of risk analysis events from a session.

senhasegura Proxies

Product Updates

ItemDescription
4705The user will no longer be immediately disconnected if you mistyped your MFA when authenticating with the Senhasegura Terminal proxy. Instead, you will have three attempts to enter the correct MFA before closing the connection.

Discovery

Bug fixes

No changes.

Product Updates

No changes.

New Feature

No changes.


Certificate Manager

Bug fixes

ItemDescription
3804The bug causing the system to crash when users included the '&' symbol in their passwords to download certificates was fixed. The system now displays a message indicating that '&' is not an allowed password symbol.
4617The bug causing the system to present -1 as a value for the ISPB inside Certificates A1 was fixed. Now, the system displays ‘undefined’ if there’s no ISPB value informed.
5362The bug that prevented Certificate Manager from signing certificates with a Microsoft CA through the Network Connector was fixed.

Product Updates

No changes.

New Feature

No changes.


Orbit

Bug fixes

No changes.

Product Updates

ItemDescription
4571The notification message has been updated to notify users when the "Hostname" or "Timezone" values are changed. After changes, a system reboot is needed. A new license may be required too. If other fields are changed, only related services will be restarted.
4514Now it is possible to check system incidents and alerts using Orbit web.

New Feature

ItemDescription
4133Monitoring tools for GCP have been added to the senhasegura VM.
5184Added new command for setting up backup schedule (orbit backup time)

GO Endpoint Manager Windows

For GO Endpoint Manager

Currently, in version 3.27, the packages for operating GO Endpoint Manager are functional with the 3.28 version of the senhasegura application.
These features will be available in a future patch update for GO Endpoint Manager. Thank you for your patience and understanding.

Bug fixes

ItemDescription
4961Fixed problem with the PEDM Windows automation that caused the macro to click in the wrong place during automation.
5771, 5891Fixed a bug that caused UAC to not work when MFA was enabled.
5807Fixed bug to manually add files with "msc" extension in GO Endpoint Manager Core.

Product Updates

ItemDescription
5027Improved performance for the senhasegura API.
5360Improved performance of how the GO Endpoint Manager for Windows saves logs.
5137Improvement on how passwords are stored using senhasegura Vault credentials in offline mode.
5423Improved automation execution to prevent errors for applications requiring privileged access.
5467Updates are now more efficient, only updating installed modules instead of all three when installing only one or two.
4789Improved the performance of session recording in GO Endpoint Manager for Windows.
5736Updated driver for web automation.
5795Added notifications on the workstation when synchronizing policies, credentials, and local groups in GO Endpoint Manager for Windows to indicate the start and end of the sync.

New Feature

ItemDescription
5104New reports for GO Endpoint Manager for Windows are now available. These reports provide information about deleted users in local groups, users in the local administrators group, and users in the local power users group.
5004Added parameterization of directories to be ignored in the start menu scan.
4998Added the option to specify directories that should be ignored during application scanning.
4999"Segregation by users" is now an additional option for administrators to create PEDM window policies and segregated parameters.
4118When offline mode is enabled, the PEDM agent uses the last synchronized policy, allowing the user to continue working through PEDM even if the workstation is offline.

GO Endpoint Manager Windows - Legacy

For GO Endpoint Manager

Currently, in version 3.27, the packages for operating GO Endpoint Manager are functional with the 3.28 version of the senhasegura application.
These features will be available in a future patch update for GO Endpoint Manager. Thank you for your patience and understanding.

Bug fixes

ItemDescription
5196Improved user elevation flow to be compatible with Windows 7/ Server 2008 R2.
5169Fixed error where the remote session identifier for the agent was not being sent to the senhasegura backend, resulting in the agent being unable to run registered applications.

GO Endpoint Manager Linux

For GO Endpoint Manager

Currently, in version 3.27, the packages for operating GO Endpoint Manager are functional with the 3.28 version of the senhasegura application.
These features will be available in a future patch update for GO Endpoint Manager. Thank you for your patience and understanding.

Bug fixes

ItemDescription
4938Fixed error that caused negative times to be displayed under the "duration" column for GO Endpoint Manager for Linux sessions in the remote sessions report.
5081Fixed the Access Policy form validation error. It is only possible to save an access policy if a policy has been selected on the main tab. Otherwise, the user is redirected to the main tab.

New Feature

ItemDescription
4743Changes have been made to the PEDM Linux Policies registration screen to make it simpler and more user-friendly for system administrators to add new rules.
4903, 4752The "Rules for sudo" and "Access policies" features are now installed and executed as independent binaries.
4747Added parameterization of functions for GO Endpoint Manager for Linux and AD Bridge.

Product Updates

ItemDescription
4744Session recording no longer requires "secpack-trec" binary. Instead, administrators can enable recording when creating a new rule.
5410Caitsith module version update.

Domum Remote Access

Bug fixes

ItemDescription
4706Fixed a bug where using remote access created by Domum resulted in users receiving a “500 Internal Server Error” response.
5939Fixed formatting issue in the access expiration warning email for Domum Remote Access users.

Product Updates

ItemDescription
5185Added an improvement that displays the customer logo on the Domum Remote Access login screen and third-party desktop, reinforcing the customer brand.
4127Added an improvement to the Access Control History Domum´s report. It now presents details, such as the person responsible for cancellation. This feature refines the auditing, clarifying that an already approved access has been canceled.

New feature

ItemDescription
4635Added a notification in the Domum Remote Access module informing the requester, the user, or both that access is about to expire.
5338Added the batch release feature to the Vendors menu in Domum Remote Acces. This feature prevents the administrator from selecting the same credentials repeatedly during access release.
5337Added the SSO feature to the Domum Remote Access users with the identity management tool Okta.
3293Added feature that enables third-party users to request their own access to a credential or to extend an already authorized access.
2929Added a new feature to Domum Remote Access which enables the provisioning of third-party users using Identity Governance and Administration (IGA) tools.

A2A

Bug fixes

No changes.

Product Updates

ItemDescription
5164The Device values returned by the API when using the GET method to query a single device have been updated. Previously, not all available fields were displayed.
5135Added API to create, check, edit, and inactivate Related Users.

New Feature

No changes.

Removed

ItemDescription
5942The function that allowed changing or updating an A2A application through an API has been removed.

DevOps Secret Manager

New Features

ItemDescription
4076Added integration with Azure Key Vault for rotating secrets.
4946Added the possibility to create approval flows for viewing secrets.
4380Added two fields for segregating information in DSM applications: Lines of Business and Types of Application. Used to organize and manage the applications registered in the product.
4413Added the possibility to download private keys associated with secrets.

Product Updates

ItemDescription
5414Performance improvements when viewing secret versions.

Bug fixes

ItemDescription
4947Fixed the bug that caused the minutes text to follow the scrolling action.
5053Fixed the bug that prevented automations from working when executing operations related to secrets.
4954Fixed the bug causing the secrets not to work properly when special characters were added.
5045Fixed the bug that caused DevOps Secret Manager access groups to not appear in AD group synchronization.
5250Fixed the bug causing some texts not to be displayed correctly.
5056Fixed the bug causing Ambients and Systems values to display incorrectly in the reports lists on DevOps Secret Manager screens.Fixed the bug causing ambients and systems not to be displayed correctly.
5046Fixed the bug that caused robots for password rotation and dynamic provisioning not to execute when using Cassandra.
5054Fixed the bug that caused Access Group processing to not be executed correctly after an API request.
5055Fixed the bug that caused ephemeral credentials to remain accessible even after they were removed.
5047Fixed the bug that was preventing the execution of robots for password rotation and dynamic provisioning when using Redis.
5056Fixed an error that prevented the visualization of environments and authorization systems.

c

Product Updates

No changes.


Executions

Bug fixes

ItemDescription
5109After enabling automatic SSH key exchange, the credentials are not displayed on the password change request screen. Instead, the user has to access the "List Operations" screen to view the credentials.

Product Updates

ItemDescription
4515In operation automation, inactive action items will no longer display the option to be executed.

New Feature

No changes.


Task Manager

Bug fixes

No changes.

Product Updates

No changes.

New Feature

No changes.

ItemDescription
5254The option to schedule the execution of tasks with intervals of minutes was added.

MySafe

Bug fixes

ItemDescription
5162The new senhasegura feature "User Group entity" resolved the issue of unintentionally removing users from MySafe groups. The removal used to occur during AD Group synchronization.

Product Updates

ItemDescription
5121Updated the incorrect link on the MySafe homepage to direct users to the correct product documentation in their chosen language.
4975Added an option for users to reactivate passwords previously created and deactivated in MySafe.
4976Added an option for users to reactivate files previously created and deactivated in MySafe. Additionally, a filter has been implemented to list inactive files.
4977Added an option for users to reactivate previously created and deactivated notes in MySafe.
4770Updated the password copying feature in MySafe. Previously, when clicking "Copy password," users received a warning and confirmation request. The warning notification now appears before the click, allowing an informed decision.

New feature

ItemDescription
4809Added a feature that generates a history report for passwords, files, and notes, allowing users to view all recorded data versions and changes over time.
4756Added the batch import feature to MySafe. The module now supports batch import of passwords and notes, allowing users to import multiple information pieces simultaneously.
4765Added new APIs to MySafe. These APIs allow users to get and create passwords and notes. Additionally, APIs were included for deactivating, reactivating, and updating passwords and notes.

User Behavior

Bug fixes

No changes.

Product Updates

No changes.

New feature

ItemDescription
4543A behavior ranking generated through suspicious user actions within the application was created.

Translation Fixes

ItemDescription
5910Fixed translation errors in User Behavior related screens.

Network Connector

Bug fixes

ItemDescription
5270Fixed an error that occurred when synchronizing an AD group using the configured network connector, resulting in a failed sync.

Product Updates

No changes.

New Feature

No changes.


Protected Information

Deprecated

This module has been deprecated. For more information, please check the Protected Information.


General Translation Fixes

ItemDescription
3101An English string translated in the Certificate Manager module was fixed. The editing screen, previously named "New profile" has been changed to "Publish profile.”
5721English words showing in the Portuguese version of the Certificate Manager module were translated.
5728Fixed the translation bug in the batch import progress screen in the Domum Remote Access module.
5729Fixed the translation bug in the vendor shortcut description in the Domum Remote Access module .
5507Error in the text: "Incident # XX - Master key guargian inactive". The correct spelling is "Incident # XX - Master key guardian inactive".
5282Fixed translation error in the text of Bulk Action emails.
4660Updated the message that displays when an administrator creates a new user without SMTP configured in senhasegura.
4919, 4974Fixed Polish language with untranslated words.
5295Replaced the terms "master" and "slave" with "primary" and "non-primary" to conform with the new standards established by modern clusters.

Other versions

You can see the older documentation versions here.


Was this article helpful?