Release Notes
Back to All

Identity Security Insights 24.09.1 release notes

4 months ago

September 24, 2024

New features

We're excited to announce our new, comprehensive reports within Identity Security Insights! With this release, we're launching 15 new reports to cover various aspects of identity security, each designed to give you a clear and immediate understanding of your organization's identity security posture via visual aids such as heat maps, trend graphs, and detailed breakdowns.

Use these reports to quickly assess risk and bring attention to critical findings.


Report details

Endpoint and server access reports

  • Local Accounts report: Local accounts on computers, databases, and network devices by asset and account type.

  • SSH Keys report:SSH Keys listed by computer, account name, local privilege, cipher type, and more.

  • Scanned Assets report: Assets scanned by Password Safe and collected information from them.

  • Users with access to endpoints and servers report: Every user with group or user-based access with local privilege and group paths.

Identity security summary reports

  • Accounts Summary report: Dashboard view of accounts collected by your configured connectors.
  • Detections Trend report: Detections tripped over time, enabling insight into trends from your environment.
  • Entitlement Summary report: Fine-grained access entitlements collected such as authorizations, privileges, access rights, permissions or rules.
  • Identity Summary report: A summary of identities discovered your the configured connectors.
  • Inventory Summary report: Dashboard view of accounts, identities, and entitlements.
  • Recommendations Trend report: Recommendations over time that give you insight into trends in your environment.
  • Detections: A view of all detections in your environment.
  • Recommendations: A view of recommendations across your environment.

Service and task identity risk reports

  • Accounts Used for Tasks and Services on Computers report: Directory and local accounts running services, scheduled tasks, and IIS application pool. Includes account privilege and compensating controls.
  • All non-human accounts report: All non-human accounts, including service accounts, and their true privilege. Includes Entra ID service principals and domain accounts. The report also shows the number of entities using the account and the most recent authentication or login.

System health report

  • Connector Data Health report: Trend on collected data from your configured connectors.

With this release, you can access our new Password Auditing capabilities to assess password security within Active Directory environments. Recommendations are now generated for enhancing the following security measures:

  • Account with compromised password: Use this to identify any account password that appears on known compromised lists. Once identified, you can take immediate action to secure affected accounts.
  • Account shares its password with other accounts: Identify accounts in your environment that have the same password; this helps to ensure all of your accounts have unique passwords.
  • Account with blank password: Use this to review all of your accounts that have blank or no set passwords, and determine if those accounts are set correctly for your organization.

Enhancements

You can now switch your theme from dark mode to light mode. This enhances user interface visibility and provides an alternative to the default (dark mode).

To switch themes

  1. In the top right of any Insights page, click the user icon.
  2. Select either Light or Dark from the menu.
    The theme switches immediately, and your selection saves until you change it again.

We enhanced the Path to Privilege node graph display by introducing a dual layer visualization to distinguish between an account's direct privileges and its True Privileges via escalation paths.

Direct Privileges represent the access rights and account inherently posses, while True Privilege depicts potential access gained through escalation or other indirect means. Additionally, each privilege level is rated to quantify the security risk associated with each access level.

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.