2023.10.16

Changes in Veza release v2023.10.16

EAC-27199 Access Review Scheduling: It's now possible to automate Access Reviews with scheduling rules. To enable, go to Access Reviews, find a workflow, and click Actions > Create Schedule. Veza will start new certifications at the specified times on a weekly basis using the latest Authorization Graph data.
EAC-27454 Access Review Intelligence: You can now use historical decision data to automatically approve or reject results in when creating certifications. For example, you can set automations to auto-approve previously approved or auto-reject previously rejected items.
- The executed automations are shown in each certification's status banner for users with Administrator and Operator roles.
- Veza uses the most recent completed or expired certification for determining prior states.
- A Preview API is available for Administrators to manage these automations, and enable them for specific workflows.
EAC-22278 Approve & Sign Off: This action is now universally available for certification reviewers.

EAC-28182: Disabled the Smart Action button for multi-row selection, to indicate when a Bulk Action should be used instead.
EAC-28121: Fixed an issue where exporting to CSV in certification view did not include the selected columns.

EAC-27985 Tags in Query Builder: You can now review entity tags applied to results using Include all source tags and Include all destination tags search options.

EAC-27390: Added relative date filters for hours or days in the future in Query Builder.
EAC-28123: Added the option to select entity type groupings like "User" as Query Builder source entity type.
EAC-28088: Added Query Builder columns showing System Permissions and Effective Permissions.

EAC-28002: Fixed issues where Summary Entities and their counts were incorrectly applied in filtered queries.
EAC-28065, EAC-27632: Fixed issues affecting query constraints on nested Active Directory Groups.

EAC-27169 SharePoint User Details: Veza now gathers additional SharePoint User details, searchable through attribute filters: Is Guest, Is Site Admin, User Principal Name, Is Deleted, Deleted Date, Last Activity Date, Viewed Or Edited File Count, Synced File Count, Shared Internally File Count, Shared Externally File Count, Visited Page Count, Assigned Products.

EAC-28318: Prevented an error occurring when connecting to Google Cloud projects with Cloud Run Admin API disabled.

EAC-25562 MFA for local users: Users can now enable built-in MFA for an additional layer of security when not using Single Sign On.
EAC-28207 API Keys for Teams: Introduced optional scoping of API keys to Teams, allowing for non-root, read-only API access. Users can now choose from available teams when creating API keys. Administrators can view team scopes on the API Keys page.

EAC-28127: Exporting Risks to CSV now consistently includes all results, regardless of the selected date range.
EAC-28128: Fixed an issue where Risk exports sometimes omitted certain query names.

Last updated 5 months ago