Release Notes
Back to All

Identity Security Insights 25.09

about 10 hours ago

September 2, 2025

🆕New features

New Report: MITRE ATT&CK® Matrix in Security Frameworks

We’ve launched a new Security Frameworks section in the reporting area, starting with the MITRE ATT&CK® Matrix report.

This interactive matrix introduces users to the MITRE ATT&CK® framework, a globally recognized model for categorizing adversary behavior – the tactics and techniques used by attackers. It organizes these behaviors across the stages of a cyberattack, from Reconnaissance to Impact.

Each tactic is shown as a column along the x-axis, and each technique along the y-axis, with tiles showing the number of identity-related findings mapped to each technique.

  • Tactics are the attacker’s objectives at each stage of an attack (e.g., gaining access, escalating privileges).
  • Techniques are the specific methods used to achieve those objectives (e.g., phishing, credential dumping).

Selecting a tile filters the findings grid below, allowing users to explore specific identity-related detections tied to that technique. The grid includes:

  • Account name
  • Privilege level
  • Source of the account
  • Mapped MITRE tactic and technique
  • Finding details

Each row links directly to the associated account page or detection/recommendation page, streamlining investigation and response.

This is the first of several reports planned under Security Frameworks, designed to help teams align identity risks with industry-standard threat models.

MITRE ATT&CK® framework report in Identity Security Insights

ℹ️

For more information, see Security Frameworks.

Introducing the Databricks Connector for Insights

We’re excited to introduce a brand-new Databricks connector in Insights! Databricks is a cloud-based data platform that enables organizations to unify data engineering, data science, and machine learning on a single collaborative workspace. This release supports streamlined setup through three flexible methods: Databricks CLI, REST API, or manual configuration via the Databricks console. Each method provisions a service principal and generates credentials (Client ID and Secret) for use in Insights, enabling secure connectivity with your Databricks environment. Setup instructions are available for each onboarding path.

Once configured, the connector provides visibility into account-level data, identifying whether each entity is a user or service principal, and – when possible – linking them to a matched identity within Insights. While Entitlement data will be supported at a future date, this release establishes a strong foundation for a secure connection and account visibility.

Databricks connector settings in Identity Security Insights

ℹ️

For more information, see Databricks.

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.