What's new in this release

We've added two new filters on the Events page.

Matched as Child Process

The Matched as Child Process filter refines your results to the most significant events for your use case.

Options include:

• Yes: Filter events to only those matched due to the Treat child processes in the same way if the child process setting.
• No: Filters out child process events raised because the parent application definition had the Treat child processes in the same way if the child process criterion enabled.
  This allows you to add the most efficient application definitions possible to policy.

📘

For more information, see Event analytics.

Application URI

The Application URI filter is for the macOS Application URI event property, and refines your results to aid in making policy decisions for macOS events.

Options include your organization's application URI properties.

ℹ️

For more information, see Event analytics.

We've added a handy Reputation Score panel that appears when you click on a reputation score for a Just-in-Time (JIT) Application Access request. This panel provides additional information from VirusTotal, helping you make more informed decisions about the applications you're evaluating.

Click the Reputation Score link on the Application Access Requests page to open the Reputation Score panel:

ℹ️

For more information, see JIT application access requests.

We've introduced a new engineering key that lets you turn Source URL file tagging on or off in the service. This is especially helpful for customers transitioning to file systems that don’t support Alternate Data Streams (ADS).

📘

For more information, see EPM for Windows EPM for Windows application definitions and types

You can now easily access the most recent approval and denial notes for Just-in-Time (JIT) requests directly within your Endpoint Privilege Management (EPM) app on macOS. To make this feature available, ensure that your app is configured to display notes in EPM.

ℹ️

• For more information about configuring apps in EPM, see Just-in-time (JIT) Settings.

Now when you create a new user, you can assign the Administrator role to any users requiring that job function. For all other users, select specific roles or custom permissions as usual. Administrators are indicated on the User Management page via an icon:

Administrators are also indicated on the Users page via the Account Privilege column:

📘

For more information, see User management.

We've changed the name of the System Preferences application type to System Settings to be more in sync with macOS naming conventions.

This change impacts the Policy Editor, Analytics page, and the EPM for Mac application types (including the Quickstart template).

⚠️

Important information

• No policy changes are required to control System Settings applications.
• There is no functionality change with this. It is a naming update only.

On the Events page, when you select the download icon, you'll see the new Prepare Download dialog box where we've updated the design to align with product standards. All settings remain the same.

To differentiate the BeyondTrust Recommended Views from the user's Saved Views, we have added the BeyondTrust logo alongside the view name.

On the Management Rules page, we’ve added (default) to the System Group label so it now reads System Group (default). This makes it easier to find the group when you are creating a rule with the Move action and selecting System Group from the Destination Computer Group list.