Veza Product Update - Jan'23

Insights

Veza Insights has received a significant overhaul to make Veza assessments and reporting more digestible, actionable, and customizable for the needs of our key users - IAM admins, GRC teams, Security Engineering teams, and Data/App owners. Please see the latest experience at Veza Insights > Reporting.

• Customizable report sections now drive the Access Risks dashboard on the primary Veza landing page. Veza users can add, remove, or customize queries in these reports, to filter and fine-tune the information shown to other users.

• Veza users are now able to create private reports (only visible to owners), or publish the reports for other users and teams.

• New assessment queries are added to Saved Queries and Reports for visibility into dormant users, service account access to cloud services and data systems, and many other privileged access risks.

• Legacy queries now provide more relevant insights and take advantage of the newest search features.

Integrations

• Custom Attributes for Okta and Azure AD: Veza can now discover and search any custom security attributes organizations might use to enrich Azure AD or Okta user metadata. These Custom Properties to discover can now be specified when configuring a supported identity provider.

• New Veza Built OAA integrations are now available to support Oracle Fusion Cloud and Coupa.

• It's now possible to search and filter by Google Cloud - Workspace Group Membership and KMS and BigQuery Role Binding. These entities can be visualized using Explain Effective Permissions, or by changing the query mode.

Veza Platform

• The Entities page is overhauled for improved navigation and performance. It's now significantly easier to review all entity types and discovered entities, including RBAC elements, such as Role Binding and Group Membership.

• All search interfaces now have a more consistent layout for improved interoperability across Graph, Queries, and Workflows. Many more saved queries can now be opened in Graph.

• The default date and time format is now a friendly relative description ("1 day ago", "2 hours ago"). You can click the date to view absolute timestamps for the local timezone or UTC.

Search and Query Builder

• Excluded and Required Entities: you can now filter results based on the existence (or absence) of related RBAC entities such as group, role, or service account. Entity types to include or exclude can additionally have attribute filters to further narrow results (for example, search all resource access that involves the 'Developers' group).

• Query Builder searches (which can sort and filter results based on the number of related entities), now support the option to customize thresholds with an operator (such as greater than or less than) on grouped entity count.

• You can now change the source entity when selecting an Effective Permission to _explain_in Graph. This can be helpful when the source is not as expected, or to inspect permission configurations for different source and destination pairs.

Veza Workflows

• Certification results can now be auto-assigned to the appropriate resource manager, user manager, or fallback reviewer after certification begins (previously, this was only possible during certification creation).

• To provide reviewers with quick visibility into inactive accounts, it's now possible to highlight certification results for dormant users. These support-enabled rules can apply to a single certification, or all certifications for a workflow.

• As part of our commitment to improving speed and ease of certifications, Workflows have received several enhancements around page loading, smart actions, and overall performance.