Identity Security Insights 23.10
October 3, 2023
New Features and Enhancements:
- Identity Security Insights is now integrated with Splunk. When this integration is enabled, Insights will immediately deliver any new detections and recommendations to your connected Splunk instance.
- Account labels have been added, allowing for searching and filtering by key account characteristics, including whether or not an account is considered dormant.
- A link to the dormant account list has been added to the tenant dashboard view.
- The accounts list can now be exported as a .csv. This option is accessible from a new button in the accounts dashboard.
- The on-premise Active Directory collector installation file can now be downloaded immediately when configuring this connector, as well as from the Settings screen for any existing Active Directory connectors. Contacting BeyondTrust Technical Support to finish the installation is no longer required.
- An App Switcher has been added, allowing customers with connected BeyondTrust Cloud products to quickly switch between Insights their other BeyondTrust cloud instances. Access the App Switcher from the Apps button in the navigation bar.
- This feature will be introduced to other cloud products, beginning with Privileged Remote Access Cloud and Remote Support Cloud, in upcoming releases.
- Recommendations with remediation steps have been added for the following findings:
- Privileged users with unrotated passwords
- Built-in Guest accounts are enabled
- Privileged user is not a member of the Protected Users group
- Unprivileged account can retrieve password hashes from domain controller via dc sync attack
- Unprivileged account can escalate its privilege because of the access it has to the Active Directory domain