Summary
This release includes 29 changes across 9 modules. The update focuses primarily on bug fixes (19), alongside 5 new features and 5 product updates. PAM Core received the highest number of changes, with 7 items.
- Release date: 2026-06-24
- Patch: segura | v4.2.7-1
API
New Feature
| Item |
Description |
| SSGR-8796 |
Added API v2 endpoints to manage AD/LDAP group synchronization configurations. You can create, list, retrieve, update, and delete group sync settings, and activate, deactivate, or trigger a sync enabling automated, end-to-end directory governance without the web interface. |
| SSGR-9822 |
Added API v2 endpoints for full lifecycle management of AD/LDAP servers. You can create, list, retrieve, update, and delete servers, manage activation, and test connections automating directory onboarding at scale without the web interface. |
| SSGR-9825 |
Added API v2 endpoints to manage user groups and access policies. You can perform full CRUD on user groups, manage members and associated access policies as sub-resources, and filter by external_id to support AD/LDAP-synced automation without the web interface. |
Certificate Manager
Product Updates
| Item |
Description |
| SSGR-3501 |
Created the endpoint /api/certificate/request/status/{request_id} to retrieve the certificate ID for a signed request. See the documentation: GET | List a request status by [id]. |
| SSGR-10324 |
Improved report titles to better support user navigation through menus, ensuring consistency and usability. The changes are:
- Certificates AWS > AWS.
- Certificates Azure > Azure.
- All Operations > Operations.
- SSL/TLS (Reports > Certificates > Certificate without devices) > Certificates without devices.
- Automations > Automate flow.
- Cloud certificate authorities > Cloud providers. |
Bug fixes
| Item |
Description |
| SSGR-11068 |
Fixed an issue where wildcard certificates were not being imported into Certificate Manager after performing a domain discovery. |
Discovery
Bug fixes
| Item |
Description |
| SSGR-10798 |
Fixed an issue where, when trying to access a device’s latest debugs, an error 500 was displayed. |
| SSGR-10799 |
Fixed an issue where attempting to edit the Plugin field of a newly discovered device resulted in a 500 error. |
Domum Remote Access
Bug fixes
| Item |
Description |
| SSGR-9942 |
Fixed an issue in Domum Remote Access where a third-party user's email address could not contain more than two dots in its local part. Addresses such as [email protected] are now accepted. |
| SSGR-10576 |
Fixed the access-request flow so it now prompts you to configure a vendor's access policy when one is missing, instead of failing. |
| SSGR-10789 |
Fixed the email approval flow so it again detects the responder's sender address. |
| SSGR-10807 |
Fixed a security issue in Domum Remote Access where the control governing whether limited third-party users can request their own access was not always enforced. The setting is now enforced, and self-extension of access requires the configured approval workflow. |
| SSGR-10904 |
Fixed an error when viewing the access history details of internal and third-party users. |
EPM Windows
Product Updates
| Item |
Description |
| SSGR-9838 |
Improved the connection between EPM and the Segura® Platform. Now, if the agent’s authentication token is rejected, it will be automatically renewed, allowing EPM to resume operations without interruption. See the documentation: How to install the EPM Windows agent. |
Bug fixes
| Item |
Description |
| SSGR-10426 |
Fixed an issue where the operational system version wasn’t properly displayed in the EPM Windows Admin Web Interface. |
| SSGR-10569 |
Fixed an issue where it was not possible to access files within a network shared folder. |
Framework
New Feature
| Item |
Description |
| SSGR-3160 |
Added new Orbit alerts that notify administrators when an instance runs with CPU, memory, or disk resources below the recommended levels. The alerts give teams time to take preventive action before the system becomes unavailable. |
| SSGR-8762 |
Added the ITSM Connector Engine, a centralized integration with ServiceNow over REST API. Administrators can configure and manage multiple ServiceNow connections with OAuth 2.0 authentication, health checks, and retry. A single engine is reused across PAM Core, EPM, Domum, DSM, and Certificate Manager for consistent ITSM validation. |
Product Updates
| Item |
Description |
| SSGR-6680 |
Applied usability improvements to the registration wizards on the Segura® Platform to make navigation clearer and more guided. Wizards now include step numbering, short descriptions, visual highlighting of the active step, and completion feedback. |
| SSGR-7491 |
Improved the scalability and performance of Segregated Parameters when managing large device sets. The Devices side panel and selection modal now support pagination, hostname search, and a total-count header, and you can associate devices in bulk by uploading a downloadable XLSX template. |
MySafe
Bug fixes
| Item |
Description |
| SSGR-10600 |
Fixed an issue in the MySafe API that prevented querying secrets by ID when the access key did not have full access permission. |
PAM Core
Bug fixes
| Item |
Description |
| SSGR-9925 |
Fixed an issue where session input and output were not fully recorded in Session text logs for some access protocols, depending on the segregated parameter type (group, device, credential, or origin). All parameter types and protocols now record input and output correctly. |
| SSGR-10285 |
Fixed an issue where the downloaded RDP Proxy shortcut file did not support non-ASCII characters, such as the Cyrillic alphabet, causing them to be incorrectly replaced in the credential and device fields when opening the session. |
| SSGR-10423 |
Fixed an issue where passwords containing a single quote (') were altered or truncated during bulk credential import. Imported passwords now match the import spreadsheet exactly. |
| SSGR-10543 |
Fixed an issue where the livestream of a remote session was displayed as disconnected when viewed from a different node than the one running the session. The livestream can now be viewed from any node in the cluster. |
| SSGR-10605 |
Fixed an issue where the download button for a generated Oracle Wallet did not appear under My certificates, even though the wallet was created successfully. The generated wallet is now linked to the user's certificate and available for download. |
| SSGR-10668 |
Fixed an issue where RemoteApp script steps were cleared and the configuration was not saved when returning to the editing tab after a period of inactivity. |
| SSGR-11104 |
Fixed an issue where processing of recorded SSH and TELNET sessions could fail when a recording contained an empty or truncated data segment. The converter now handles these segments without aborting, so input logs, session playback, and text indexes are generated and the processing queue is no longer interrupted. |
Proxy
Bug fixes
| Item |
Description |
| SSGR-10881 |
Fixed an issue where accented and other special characters were replaced by incorrect symbols when pasting text into a Web Proxy with HTTP/HTTPS session. |