2024.4.15
Changes in Veza release v2024.4.15
Access Intelligence
Enhancements
EAC-33470: For improved visual clarity, the Snowflake Data Governance and SFDC Access Security Dashboards now show individual tiles for each featured query. You can click any tile for an expanded view of the results over time, or open the results in Query Builder.
EAC-33540: You can now view risk changes over the last quarter by setting
90 days
as the time range on the Risks page.
Access Reviews
Enhancements
EAC-33906: Added "All Local Users" as an aggregate option when defining the source/destination in the Access Review Query Builder (replaces "LocalUser").
Bug Fixes
EAC-33804: Fixed an issue that could result in the sign-off of rows with no decision.
EAC-33519: Renamed “User / Group / Resource” to “User Name / Group Name / Resource Name” in the Access Review Certification UI to make wording more consistent.
EAC-33936: Row actions are now prevented during row updates.
EAC-33935: Entity type groupings such as
Custom Users
now correctly appear in the Relationship dropdown when creating queries for Access Reviews.
Access Visibility
New Features
FR-1891, EAC-33852: All entities now have a
Datasource Last Extraction Time
attribute indicating when metadata was last refreshed for the host data source.EAC-28076 Authorization Graph: The option to show or hide indirect relationships is now generally available. Use Advanced Options > Include Assumed [Entity Type] to filter on source entities with direct access to the chosen destination entity type, and exclude any relationships where a nested group or role grants access.
Enhancements
EAC-33770 Query Builder: Attributes containing lists now support filters with
Exists
andNot Exists
operators, to find results where these attributes contain any data, or no data.
Bug Fixes
EAC-33922: Pagination is now automatically enabled to reduce graph visualization rendering memory requirements and duration when there are many related entities. A warning indicates when the current page cannot be loaded.
EAC-33517: Optimized performance for queries with Summary Entities, specifically when including path summaries without specific count conditions or when the condition is >= 0.
Veza Integrations
New Features
EAC-33498 Palo Alto Networks: New integration for discovering applications, users, roles, and permissions for Palo Alto Networks Prisma SASE.
Enhancements
EAC-33679 Custom Identity Mappings: Custom identity mappings can now include Identity Matchers to correlate identities even if they do not match a mapping rule. Shown when editing existing integrations, the Identity Matchers section enables matching users from any two data sources (such as Azure AD and Okta), if they exist in Authorization Graph. Administrators can search for users by name, and add as many pairs of users as required.
EAC-33670 Jira Data Center: Added support for authenticating using a self-generated CA certificate, uploaded when configuring the Jira Data Center integration.
EAC-33903 Anaplan: Added support for directly discovering Anaplan model users. This is optional due to increased API calls required for extraction (>= 1 call per model instead of a single call per workspace).
EAC-33713 Okta: The Okta integration now supports incremental updates for faster extraction time and reduced traffic to Okta API endpoints. An Administrator will need to enable audit logs to enable this feature.
Bug Fixes
EAC-33633 Workday: An error message now indicates when configuring an invalid custom property.
Veza Platform
New Features
EAC-33862: Administrators can now grant the Veza support team temporary access by creating a limited Support User account.
Enhancements
EAC-33782: Teams and roles are now listed in an additional column when exporting the Users list to CSV.
EAC-33829: Sections on the Sign-in Settings page are now grouped in categories to separate general, SSO, and local user authentication settings.
Last updated