Veza Product Update - Feb'23

Integrations

• Veza-built OAA integrations are now available for Bitbucket and Jira Server.

• The Oracle Fusion Cloud OAA integration now supports gathering permissions to resources.

• OAA SDK enhancements now enable pre-loading Reports for Veza Insights. Veza-built reports are now included for the GitHub connector.

• Insight Point from Veza can now be deployed as a Virtual Machine. An OVA file with vSphere 6.5+ and Oracle VM VirtualBox 6.0+ is now provided for customers.

Veza for Box (Early Access)

Our integration for Box.com provides the capability to gather Users, Groups, Roles, and Folders, and correlate local accounts with external identities from an Identity Provider (IdP) such as Okta or Azure AD. You can use Workflows, Search, and Insights to understand, manage, and control least-privilege access within a Box organization. A few sample user stories include:

• Find Box Accounts with deactivated IdP identities or without a matching IdP user.

• Find empty Box Groups with no Box Accounts as members.

• Find Box Folders by IdP account region (such as users from external regions).

• Find Box Folders accessible by external collaborators.

• Find Box Users with admin privileges on Box Enterprise.

Veza for ServiceNow (Early Access)

A new Veza integration enables discovery of Users, Groups, ACL Rules, and Roles for ServiceNow SaaS applications. The integration can:

• Correlate your corporate identities from an IDP like Okta or AzureAD with ServiceNow local accounts to ensure access complies with security policies.

• Search & visualize relationships between ServiceNow Users and Groups, and Access Control Lists (ACLs) using Authorization Graph and Query Builder.

• Audit ServiceNow ACL Rules by activity status, scope, date created, or allowed operation.

Insights

Administrators can now decide what insights are most relevant to their teams, and customize the Veza Dashboard with fully-customizable Reports.

• The Veza Dashboard now offers support for additional risk tiles, now shown across several pages when more than six reports are in the Dashboard Reports category. Access Control Risks tiles can now be removed directly from the primary Veza dashboard.

• A new Access Intelligence > Reports landing page provides ways to organize into user-defined categories. A new Reports page can be filtered by label and integration type

• The Report Library now includes creation dates along with the option to Clone reports and filter by report label or integration.

• Configuring Reports is now significantly easier with an improved Edit Mode, with new sections and privacy settings. An improved Add Query menu makes it easy to find queries based on a search term, label, or integration.

• New queries for Snowflake, AWS, Google, GitHub, Salesforce, and Azure SharePoint are added to Saved Queries and Veza reports

Workflows

To enable alternate reviewers to fulfill responsibilities of managers who are out-of-office or otherwise unavailable, administrators can now assign Delegate Reviewers with a preview API.

Certifications can now have a draft or published (in progress) status, allowing creators to validate results and settings, and assign reviewers before the certification is public. Drafts are highlighted when viewing workflow certifications, with the option to Publish.

Workflows and certifications have received significant performance improvements for all users:

• For Admin & Operators:

  • Workflows Page: 2x faster loading speed.

  • Reviewer Auto-Assignments: 3x improved performance for creating certifications.

• For Access Reviewers:

  • Single Operations: 5x faster loading times for page loading, filtering, and smart actions.

  • Concurrent Operations: 2x faster row updates and 20x faster loading, filtering, and smart actions with 50-100 active users.