Endpoint Privilege Management Cloud 22.7 Release Notes

September 15, 2022

New Features and Enhancements:

Web Policy Editor

  • Additional Scopes and Max Age configuration options have been added to the OIDC message configuration for Windows. These new values can be used by your identity provider to provide additional functionality/options for multi-factor authentication.
  • Users can now configure Azure Active Directory (AAD) groups as designated users for Windows messages so they can be authenticated with MFA via AAD.
  • Introduced new access token: Keep privileges – Enhanced for Application Rules and On-Demand Application Rules. This retains the same process privileges but additionally adds our BeyondTrust mods to allow anti-tamper and Advanced Parent Tracking.
  • Users can upload and manage their company branded banners to display on messages presented on the endpoints for Windows and Mac.
  • Mac messages can now be configured to include a Refer URL to be displayed on the endpoint to provide the end user additional information.

PM Cloud

  • Added Service Catalog Task record type within the ServiceNow authorization request feature.
  • (BETA) Introduced a new Events/FromStartDate API endpoint, which serves event data in ECS JSON format. Designed to suit SIEM imports. Events are retrieved in ascending date order from a chosen StartDate, in batches of up to 1000. Usage: to get the subsequent batches, use the event.ingested date from the final record of a batch and use as the new StartDate parameter.
  • Windows process start events and user logon events only are included for 22.7.
  • Data is only available from PM Cloud systems once upgraded to 22.7.
  • The Forever option in the ServiceNow authorization request feature has been removed.

Issues Resolved:

Web Policy Editor

  • Resolved issue in which accessing messages or agent protection settings in the menu in read-only mode allowed the user to edit messages or to generate a key.
  • Resolved issue in which the No Users/Groups error was incorrectly displayed when Accounts was filtered on the Designated User panel.
  • Resolved issue in which scrolling in Messages edit menu could remove the Save and Discard buttons from view.

Privilege Management Reporting

  • Resolved issue in which the Processes and Description column did not sort in the Discovery All grid.
  • Resolved issue in which drilling down via Process Count on the Target Types grid displayed the wrong results.
  • Resolved issue in which drilling down via Summary displayed the wrong results.
  • Resolved issue in which Process detail and Event Detail event data would not display for Uninstall application type events.

PM Cloud

  • Improved exception handling within command processor jobs.


  • PM Reporting Database: 22.5.7
  • PM Reporting UI: 22.7.147
  • Event Collector: 22.4.70
  • Web Policy Editor: 22.7.152
  • PM Cloud 22.7.271



Do not install a new adapter version before you are running a version of PM Cloud that supports it. Installing an unsupported adapter can result in endpoints that no longer connect. You will be notified before your instance of PM Cloud is upgraded.

  • PM Windows Adapter: 22.7.271 (Recommended), 22.6.273, 22.5.144, 22.4.227, 22.3.310, 22.2.584, 21.8.760, 21.7.634
  • PM MMC snap-in: (Recommended),, 22.5.179, 22.4.227,, 22.1.95, 21.7.152, 21.5.106,, 21.3.135, 21.2.98, 21.1.133
  • PM for Windows: (Recommended),,,, 22.1.95, 21.7.152, 21.5.106,, 21.3.135, 21.2.98, 21.1.133
  • PM for macOS: (Recommended),,,,,,
  • PM macOS Adapter: (Recommended),,,,
  • PM Rapid Deployment Tool for macOS: (Recommended),,,,,,
  • PM Response Generator for Windows: (Recommended),,,, 22.1.95
  • PM Response Generator for macOS: (Recommended),,,,


  • The following PM Cloud Adapters are deprecated, and support will be removed in a future version of PM Cloud. These adapters will continue to function with PM Cloud 22.7, but should be upgraded to ensure ongoing compatibility:
    • PM Windows Adapter: 21.7.634