Weekly Release Notes: Week 31, 2023
This week's exciting updates are all about checks, ranging from extended coverage to a brand new check.?
?? Extended Coverage: Identify Users Sharing Authenticators
Last week we released the Users Sharing Authenticator check (initially only compatible with Okta and Duo) for Microsoft Entra ID (Azure AD). When you click on the “Users Sharing Authenticators” check, you will now see Microsoft Entra ID (Azure AD) under “Compatibility”. The check will detect whenever we see a phone number associated with more than one login. If the user is linked, however, this will not cause the check to fail.?
As we know, employees may share authenticators when sharing credentials to an account, causing security issues. Furthermore, if users are sharing phones or devices, it can indicate an issue with the onboarding process.
领英推荐
??? Detect Risky User Sign-ins
Keeping a pulse on the risky sign-in behaviors of user accounts when you are managing various activities related to your employees can be challenging. We are excited to introduce a new check for Microsoft Entra ID (Azure AD) called “Sign-in Threat Detected”. With this new check, Oort will now monitor Microsoft Entra ID Risk User events for “high” level risk users and trigger the check.?
By default, the check will trigger on “high” risk levels, but by navigating to Check Settings in the check, you can customize the “Ignore list” to fit your needs. When you click on the failing check in the User 360 profile, an activity drawer opens to the right. This drawer gives you useful context for investigation such as insight into the user and why they are failing this check.?
?Bug Fixes and Minor Improvements