- 10 minutes to read
-
Print
-
DarkLight
-
PDF
Changelog v3.27
- 10 minutes to read
-
Print
-
DarkLight
-
PDF
Release date: Monday, January 30, 2023
Check below the new features, improvements, and errors fixed in this version of senhasegura.
Release highlights
One Identity Manager integration
The integration of senhasegura with the IGA One Identity Manager solution aims to centralize access control and release within our platform. Based on the concept of Identity Governance and Administration (IGA), it unifies privileged information, mitigating the risks related to the authorization of users to enter different environments.
Therefore, such incorporation allows for greater control of the expansion of identity and, consequently, the strengthening of the cybersecurity posture.
HSM Entrust nShield integration
Hardware Security Modules (HSMs) are used for generating and storing keys for encrypting sensitive and privileged data. The integration of the senhasegura vault with Entrust's nShield HSM, the leading global supplier of this product, aims to offer even more security to users and their information, following regulatory cybersecurity standards and improving business standards.
AWS Certificate Manager integration
The integration of senhasegura Certificate Manager with AWS Certificate Manager (ACM) brings with it the solution for signing, provisioning, managing and deploying public SSL/TLS certificates, also known as electronic identities. Focused on security and traffic protection, this incorporation aims to make keys compatible and automate such processes, guaranteeing the legitimacy of the lifecycle of public certificates.
Changelog per module
PAM Core
Due to a security issue scenario, web application sessions (VNCHTTP) with SSL certificate errors currently require an automation macro to navigate through the invalid certificate and authenticate normally.
Please follow the troubleshooting guide - Link.
A new solution will be implemented in future versions.
Bugfix
Item | Description |
---|---|
Bugfix 5058 |
Fixed scenario when access group approval has two approvers confirmation at the same time, would only recognize one, not both. |
Bugfix 4489 |
Fixed bug in tygervnc type TCP connections that were activating even after the firefox container was terminated. |
Bugfix 623 |
Fixed conflicting information in the Desktop Dashboard. |
Bugfix 4927 |
Fixed an error in the device that was not being listed when registering a credential with a user related to a particular tenant. |
Bugfix 4926 |
Fixed bug that was not allowing permission "PAM.PrivilegedAccounts.Credentials.View" access to credential details PAM Core ➔ Credentials ➔ All ➔ Detail. |
Bugfix 4698 |
Fixed bug that was not finding the credential by IP or hostname. |
Bugfix 4565 |
Fixed bug that was allowing a device without connectivity to see the option to start a session. |
Bugfix 4530 |
Added message to inform that the user inside two access groups uses the settings from the most restrictive group. |
Bugfix 4777 |
Fixe in reports to improve the visualization of grouping information in CSV. |
Bugfix 4411 |
Added Russian strings to the vault. |
Bugfix 3810 |
Fixed a language bug when generating a General Use dashboard report. |
Bugfix 4940 |
Fixed display so that when the device lacks registered connectivity, the login action will not show on the home screen. |
Bugfix 5140 |
Improvement in the content of the session video approval notification. |
Bugfix 5013 |
Adjustment in the RDP and SSH download shortcuts. |
Improvement
Item | Description |
---|---|
Improvement 4524 |
Added: selecting multiple credentials to enable, disable or edit in bulk. |
Improvement 3797 |
Added more information to the Audit tracking and Syslog reports about access groups. |
Improvement 5015 |
Change French language from Beta to official language. |
Improvement 4924 |
Changed where PAM.Devices.View does not give access to "Review and Certification" PAM Core ➔ Settings ➔ Access ➔ Review and certification anymore, and "PAM.Settings.List" give access to "Review and Certification". |
Improvement 4742 |
Change to improve the user experience when making a session request to wait for approval with the screen open. |
Improvement 4713 |
Change in item "View unusual credential" so that a string "View unusual credential" can be applied. |
Improvement 4627 |
Fixed string translated in the vulnerability analysis section. |
Improvement 4529 |
Added message to confirm if the user wants to create a credential without a password. |
Improvement 4509 |
Added: the status 'In Progress' only for the domain credentials being used in domain devices. |
Improvement 3893 |
Changed Syslog messages to distinguish logs between emergency access or default approval. |
Improvement 4208 |
Added the rule for access groups to require approval based on the days of the week. |
Improvement 4201 |
Improved the naming standards in Desktop application and Macros for a better definition of each entity. |
Improvement 5106 |
Adjustment in the alphabetical ordering of the group list presentation when registering AD Group synchronization. |
Improvement 4894 |
Update the behavior of the "Enable password change after session open?" function. |
Improvement 5107 |
Usability improvements in the SSH key details screen. |
Improvement 4573 |
Added the [host_ip] tag to the Web session parameters. |
Improvement 4948 |
Added the option to change the password via LDAP/LDAPS for FreeIPA users. |
Improvement 4813 |
Added a proxy for transparent OAuth 2.0 support over IMAP/POP/SMTP protocols. |
New Feature
Item | Description |
---|---|
New feature 4937 |
Added Built-in roles in PAM Operator for Multitenant. |
New feature 4540 |
Added: selecting multiple devices to enable, disable or edit in bulk. |
New feature 4531 |
Added: integration with Entrust HSM nShield. |
New feature 3547 |
Added integration with ITSM GLPI for ticket validation during Approval Workflow. |
New feature 5000 |
Added Polish keyboard with the ability to change the language of sessions. |
Security
Item | Description |
---|---|
Security 4795 |
Fixed a bug in Multitenant where the access group "Full Access" allowed access to information for users of other tenants. |
Discontinued
Item | Description |
---|---|
Discontinued 4797 |
Discontinued the magnifying glass icon when viewing a session recording. |
Discovery
Bugfix
Item | Description |
---|---|
Bugfix 4741 |
Fixed an automatic device import bug in the Discovery module. |
Bugfix 4799 |
Fixed error that returned with a double domain when performing a Domain Discovery. |
Bugfix 4700 |
Fixed the form that prevented the cadastral update of a Container Scan. |
Bugfix 4248 |
Fixed a string heading in the Discovery module. |
Bugfix 4798 |
Fixed bug that associated disabled glossaries with new Discovery. |
Bugfix 4792 |
Fixed the error generated when the configuration of a Discovery device was edited. |
Improvement
Item | Description |
---|---|
Improvement 4897 |
Added an action to reset Scan authentication cache. |
Improvement 4896 |
Fixed translation texts when editing a glossary. |
Improvement 4696 |
Added: scan deactivation for the corresponding Discovery. |
Improvement 4477 |
Removed: the string 'imported' that was repeated as a filter. |
Improvement 4326 |
Fixed string translation in Discovey module. |
New Feature
Item | Description |
---|---|
New feature 4889 |
Added orbit command to perform Discovery base cleanup procedure. |
New feature 4805 |
Added complete support for Solaris devices in Discovery. |
Certificate Manager
Bugfix
Item | Description |
---|---|
Bugfix 4933 |
Fixed error when signing certificates in the Site Blindado. |
Bugfix 4254 |
Fixed error in Certificate Manager when downloading a key imported via Discovery, where the user received a file with the ID instead of the file name in the warehouse. |
Bugfix 4536 |
Fixed: bug hiding the collum grid titles when editing a certificate. |
Bugfix 3967 |
Fixed a bug that downloaded certificates only in the .crt extension. |
Bugfix 4780 |
Fixed the bug that considered unconventional e-mail domains invalid. |
Improvement
Item | Description |
---|---|
Improvement 4005 |
Added option to generate an instant password for the user to save a request. |
New Feature
Item | Description |
---|---|
New feature 4609 |
Added Integration AWS/ACM for Public Certificates. |
New feature 4810 |
Added the ability to download the complete .pfx certificate chain. |
Orbit
Bugfix
Item | Description |
---|---|
Bugfix 3573 |
Fixed a bug that duplicated backup files. |
Bugfix 4247 |
Fixed a blocklist bug where the FORWARD chain is no longer blocked after being unlocked. |
Bugfix 4463 |
Added Portuguese translation for many words within the Orbit module. |
Bugfix 3854 |
Fixed strings translation bug in the German language. |
Improvement
Item | Description |
---|---|
Improvement 3820 |
Added the possibility to register more than one monitoring server via the screen. |
Improvement 4775 |
Improved the call to the URL "/flow/orbit/mntr/activate" and the recovery button that normalizes elasticsearch performing stop and start for incident scenarios where the user must assume the autonomous secondary instance. |
Improvement 4568 |
Added possibility of string registration without informing the HTTPS protocol in the URL. |
Improvement 4564 |
Added alert to inform administrator that CRON service is not running. |
Improvement 4548 |
Changed text displayed on the System Updates page. |
Improvement 4708 |
Added orbit command "orbit default-interface" for resetting network interfaces. |
Improvement 4105 |
Added a 30 minute timeout to prevent an email sending bug. |
Improvement 4632 |
Changed new design for the applicantion modules. |
Improvement 4716 |
Changed the list of modules displayed on the permissions listing screen. |
Improvement 3855 |
Added strings in the translation for the German language. |
New Feature
Item | Description |
---|---|
New feature 4222 |
Comando Orbit criado que permite desbloquear IPs ICMP. |
New feature 4749 |
Adicionado ao Orbit Web Interface, uma opção para liberar o acesso ao Balancer VIP. |
New feature 2735 |
Added AD/LDAP integration tab to add users in Domum module when registering synchronization groups. |
New feature 3232 |
Added the audit tracking process to configuration changes in the ITSM integration. |
New feature 5135 |
Added API Endpoits to manage related users. |
Discontinued
Item | Description |
---|---|
Discontinued 4615 |
Discontinued the options "Event log" and "Access denied" located inside the Access to the system item. |
GO Endpoint Manager
Improvement
Item | Description |
---|---|
Improvement 4019 |
Changed senhasegura Go dashboard to report only active and authorized users. |
Improvement 4913 |
Translation fix in Go Enpoint Manager. |
Improvement 4912 |
Fixed the string with the wrong message in the Go Endpoint Manager module. |
GO Endpoint Manager Windows
Improvement
Item | Description |
---|---|
Improvement 4923 |
Windows User is now registry during agent instalation. |
Improvement 4446 |
Added independet approval workflow to GO Endpoint Manager. |
Improvement 4335 |
Added: application version column inside the applications list. |
Improvement 4900 |
Added the option to change PEDM Windows agent language in the agent interface. |
New Feature
Item | Description |
---|---|
New feature 4784 |
Added impersonation elevation in senhasegura.go for Windows. |
GO Endpoint Manager Linux
Improvement
Item | Description |
---|---|
Improvement 4745 |
Improved user experience in PEDM Linux client installation process. |
Domum Remote Access
Bugfix
Item | Description |
---|---|
Bugfix 4748 |
Added a validation when creating a user that checks if the entered username does not already exist in Domum. |
Bugfix 5017 |
Fixed scenario when prevented access using a macro (RemoteApp) through Domum. |
Authentication
Improvement
Item | Description |
---|---|
Improvement 4890 |
Improved user experience by changing the "Token" name to "Configure MFA". |
New Feature
Item | Description |
---|---|
New feature 4910 |
Added AuthID icon when using as SSO option. |
New feature 4782 |
Added AuthID to OpenID provider list. |
New feature 3302 |
Added new integration through SCIM with the One Identity Manager. |
A2A
Bugfix
Item | Description |
---|---|
Bugfix 4773 |
Fixed the names of the PAM Core and Certificate Manager products. |
Bugfix 5013 |
Fixed the Get and Post paramaters in the A2A. |
New Feature
Item | Description |
---|---|
New feature 4772 |
Added option to export report logs with Elasticsearch data. |
New feature 4895 |
New API method for credential serach added to PAM. |
DevOps Secret Manager
Bugfix
Item | Description |
---|---|
Bugfix 4381 |
Fixed bug that was changing info about Oauth 1.0 authorization tokens. |
Improvement
Item | Description |
---|---|
Improvement 4414 |
Added read only/read&write options for authorizations. |
Improvement 4781 |
Added auto-renewal fields in Secret APIs. |
Security
Item | Description |
---|---|
Secuirty 4929 |
Improvement in control credential permission when accessed through API. Added an extra verification step for the API situations. |
Secuirty 4930 |
Password from credentials in Secrets can now only be viewed in PAM Core. |
Secuirty 4931 |
Changed APIs and Secret endpoint permission for security improvement. |
Secuirty 4932 |
Fixed an error when new users without access group could have access to DSM applications. |
Executions
Bugfix
Item | Description |
---|---|
Bugfix 4242 |
Fixed a string translation bug when changing password through Windows RM. |
Improvement
Item | Description |
---|---|
Improvement 4251 |
Added template category in credential change report. |
Improvement 4060 |
Improved ssh key exchange to work in SH type shell. |
Improvement 3869 |
Added the "Requester" field to filter the list of operations in the Executions module. |
Discontinued
Item | Description |
---|---|
Discontinued 4638 |
Removed SMB executor plugin. |
Task Manager
Bugfix
Item | Description |
---|---|
Bugfix 4664 |
Fixed: bug inside the 3.24 version that was authenticating a task with the wrong credential in the Task Manager module. |
MySafe
Bugfix
Item | Description |
---|---|
Bugfix 5082 |
Fixed error where approval workflow is activated when editing Access Group in MySafe, going through all steps, and saving without any change. |
Improvement
Item | Description |
---|---|
Improvement 4754 |
Added license consumption reports in Dashboards ➔ System Consumption ➔ General MySafe. Licensing |
Protected Information
Bugfix
Item | Description |
---|---|
Bugfix 4901 |
Fixed error in sending protected information emails to users registered in the special notification list. Protected Info [Deprecated] |
Network Connector
No changes to Network Connector.
Translation
Bugfix
Item | Description |
---|---|
Bugfix 5033 |
Fixed translation strings not translated in Settings section. |
Here you will find the changes to the entire senhasegura platform. Targeting by Part Number is not considered in this document. Consult your sales representative to purchase other features.
Other versions
You can see the older documentation versions here.