Dear Heimdal® Partner,
We would like to inform you that a new version of the Heimdal Production dashboard, version 4.0.2, will be released next Tuesday, March 5th 2024.
Starting Friday, March 8th 2024, the Heimdal Prod Agent will be available for download in the dashboard's "Guide" section under the "Download and Install" tab. The updated agent will be deployed gradually over the next few weeks.
Additionally, a new Heimdal Release Candidate agent version, 4.0.3 RC will be available for download, from the Heimdal dashboard, starting Friday, March 8th 2024. This new RC version contains an Application Control enhancement related to the Heimdal ProcessLock service (Heimdal service corresponding to the App. Control product) start-up time being reduced to 15 seconds from boot.
Here are the main features and improvements rolling in with the new 4.0.2 Prod:
|
Ability to display the “Group Policies Product Modules overview” pop-up window on request
|
Based on the feedback received from our Customers and Partners, post the introduction of the “Group Policies Product Modules overview” pop-up window, in the 3.7.0 release, we enhanced the functionality and now, starting with the 4.0.2 Prod release, the earlier mentioned pop-up will be available at any time, on a “pull” approach basis.
A new button “Modules Overview” is available in the Endpoint & Network Settings sections of the Heimdal dashboard. When pressed, it will display the “Group Policies Product Modules overview” for the Windows OS Group Policies/ product modules.
|
Addition of the “Chassis” and “System model” info in the Active Clients views
|
In the Active Clients -> Standard, Hardware and Server Commands views, an icon was added near to the hostname, in order to display the chassis information: whether that machine is a laptop, tablet or a desktop. A text on hover over the icon displays the Chassis Type (laptop, tablet or a desktop).
|
We’ve also introduced (in the earlier mentioned views) a new filter called “Chassis” that allows the corresponding info to be filtered based on single or multiple selections.
|
In the “Machine Info” tab (post clicking on a hostname, from the Standard/ Hardware or Server Commands, Active Clients views) we’ve added the Chassis info (under the “Device info” section) and the “System model” info (under the “Hardware info” section).
|
Note: the newly added info. is also present in the .csv file that can be downloaded from the Active Clients -> Hardware view.
|
Heimdal™ Privileges & App. Control
|
“Machine Learning Auto-approval” for Privileged Access Management, Run as Admin/ File elevations
|
A new functionality called “Machine Learning Auto-approval”, consisting of a check box found in Endpoint Settings -> Privileges & App Control -> Privileged Access Management, “Run as Administrator” section of the dashboard, will be available with the 4.0.2 Prod Heimdal version. It is meant to reduce the IT Admins’ manual approval workload considerably, in a smart and secure way.
|
This new feature (when enabled) will allow a file elevation request to be automatically approved by the server, if the elevation for the same file/ process had been historically granted, by an IT administrator, an X number of times which is equal or higher than the threshold set in the Group Policy.
|
After the elevation being auto-approved, it will go to the “Pending Approvals” view, having the status “Awaiting File Elevation”, until it will be consumed by the requester. Subsequently, post the elevation being finalized, it will be displayed in the “History view” with the corresponding “Handled By” info being “ML auto-approval”.
|
When the “Machine Learning” system approves a file elevation, a new email alert will be sent to the IT admin (in case the PAM email alert is enabled in the Accounts section of the Heimdal dashboard).
|
Webhooks for Privileged Access Management elevation requests
|
Starting with the 4.0.2 Prod release, our users will be able to leverage a new way of getting PAM elevation requests alerts, namely through webhooks. Thus, IT admins will benefit of more versatility, being able to manage elevation requests information in their own 3rd party management apps.
For this specific purpose, a new check box, called “Webhooks” was implemented in the Endpoint Settings -> Privileges & App Control -> Privileged Access Management section of the Heimdal dashboard, which, when enabled, will open a new grid/ table section in which the users can define the desired webhooks (a maximum of 5 URL/ Group Policy).
|
Post clicking the “Add new webhook" button the below section becomes available and the user must provide a friendly name, specify the URL (indicating the destination for the elevation request information) and decide whether the information should be sent as an adaptive card or not (option enabled by default).
|
Note: When the “Adaptive card” feature is enabled, the transmitted data will be sent as an Adaptive Card, allowing for a rich, interactive user experience. If disabled, the data will be sent as a simple, JSON object.
|
After adding a webhook a new grid becomes available, allowing the user to manage the already created webhooks: edit, delete or enable/ disable the “Adaptive card” option.
|
Deleting an existing webhook will bring up a confirmation pop-up window.
|
When adding or editing webhooks, it’s important to note that if the URL or friendly name already exists in the grid, it will not be added/ edited and a warning toast message will appear on the upper section of the page.
|
Other improvements & fixes
|
Corporate customer name added to email alerts subject line and distinction between "reporting" and "real life" detections
|
This small enhancement will prove particularly handy for the Resellers who are managing multiple corporate customers and it consists of the addition in the Subject line of the corp. customer name to the PAM, REP for endpoint and Zero – trust email alerts (Accounts section of the Heimdal dashboard) for easier identification and tracking.
|
We’ve also enhanced the PAM elevation request email body, by adding the Corp. Customer name in the header too, the info related to the process name which the elevation has been requested for (“Run as administrator”/ file elevations) and the elevation session duration (Administrator sessions).
|
Another useful piece of info, allowing the dashboard user to make the difference between “real life” and “reporting mode” detections, has been added to the body of the REP for endpoint and Zero – trust execution protection email alerts.
|
Introduction of a new filter (Severity Levels) in the OS Updates (Windows OS) views
|
A new filter, called “Severity Levels”, will be available in the Installed, Pending and Available, OS Updates (Windows OS) views. It allows dashboard users to filter based on the “Severity” rating, provided by Microsoft.
|
Standardization of the date format for the PAM end user pop-ups
|
We’ve addressed some inconsistencies related to the way the date format was displayed when it comes to PAM end user pop-ups and with this new version, the date format will be adapted to the date format set in Windows.
|
Add example domain names on hover for the categories in Category blocking (TPE and TPN)
|
In order to streamline the information flow, this new functionality will allow dashboard users to get 2 or 3 example domain names pertaining to the category that they are hovering the mouse over (Category blocking TPE & TPN).
|
In order to ensure the correct functioning of the new features, please clear the browser’s cookies and other site data, as well as the cached images and files, prior to accessing the Heimdal dashboard.
|
|