Zilla Security continuously builds and delivers new capabilities to keep your cloud environment and applications secure and compliant. To keep you abreast of our latest innovations, “What's New in Zilla Security” shares our new releases, feature enhancements, and bug fixes for each release.
July 1, 2024 Release (S13)
Zilla Comply Update
Added a REST endpoint to allow downloading a campaign CSV report.
...
Updated the login process to resolve an issue when multiple tabs are open with the Zilla application.
Updated the database drivers in the platform.
June 21, 2024 Release (S12)
Zilla Comply Update
Updated the campaign CSV and PDF reports to include the permission description as a column.
At campaign completion, ensure the CSV download is generated such that it includes all of the resolution data.
...
Added the ability to receive notifications when a sync fails. The Technical Owner of the application will receive the email notification. This feature requires assistance from the Customer Support team.
Updated our GCP V2 API integration to sync project and folder level group membership.
Updated the Gitlab API integration groups sync to support sub group and projects within sub groups.
Updated our Concur API integration to skip the user name attribute if it is not included in the Concur response.
June 14, 2024 Release (S11)
Integrations Updates
Updated our GCP V2 API integration to sync project and folder level group membership.
Updated our Concur API integration to enable users search to filter the users which get synced with Zilla.
Zilla Platform Updates
Added support for multiple SSO providers within a single tenant.
Updated caching to ensure string resources are updated in a timely manner.
June 7, 2024 Release (S10)
Zilla Comply Update
The Campaign Settings section of a campaign has a new look! Settings have been split between three tabs, see https://zilla.atlassian.net/wiki/spaces/ZILLASUP/pages/2104721411/Creating+an+Access+Review+Campaign#Customizing-campaign-settings for details.
Updated Zilla Comply to include Last Login info in the campaign CSV and PDF downloads.
...
Updated the ZUS browser extension integration builder to optionally save the full web page (mhtml) when assistance is requested. Saving the full web page requires an additional temporary permission for the Chrome browser extension. Please note that Zilla will not change any of your data and will revert the permission once the web page has been saved. See https://zilla.atlassian.net/wiki/spaces/ZILLASUP/pages/2009759749/Zilla+Universal+Sync+ZUS+Browser+Extension+-+collecting+application+data#Sending-screenshots-and-HTML for details.
Integrations Updates
Our Snowflake API integration has been updated to import MFA status.
Updated our AWS API integration to skip importing permission descriptions in the case that SSO config was not set up in the AWS integration.
Updated our Blackline API integration to correctly paginate through the users.
Updated our NetSuite API Integration RESTLet script to sync permissions.
...
Updated ZUS in the Cloud syncs to support large datasets.
Zilla Platform Updates
Resolved six medium severity vulnerabilities discovered in an external Pentest.
June 3, 2024 Release (S9)
ZUS Browser Extension Update This change has been updated, see S10 release notes above.
Updated the ZUS browser extension integration builder to save a screenshot and HTML as soon as the builder is invoked. This requires an update to the browser extension and a new permission must be accepted. Please note that Zilla will not change any of your data. Seehttps://zilla.atlassian.net/wiki/spaces/ZILLASUP/pages/2009759749/Zilla+Universal+Sync+ZUS+Browser+Extension+-+collecting+application+data#Re-enabling%2FUpgrading-the-browser-extension.
Integrations Updates
Updated the way groups are synced in API integrations to allow nested groups to be saved correctly.
Updated our Databricks API integration to add a new config parameter, "URL of your Databricks account". See Databricks for details.
Updated our AWS API integration to correctly import descriptions for permissions and permission sets into Zilla.
...
Updated the Slack notifications for campaign completion. In the case there are revocations requested for a completed task, the following message will be sent, "We're letting you know that the access review was just completed. The revocations and changes have been sent to your ticketing system, please look there for the revocations you need to do."
Updated campaigns which enable Campaign Readiness to show the correct number of permissions defined for an application.
May 28, 2024 Release (S8)
ZUS in the Cloud Update
Updated Okta SSO MFA authentication to support both Okta classic engine and Okta identity engine.
Integrations Updates
New API integration: Blackline
New ZUS integration: Wistia
Updated our Mimecast API integration to create accounts for users which the client id and secret credentials cannot access.
Updated our Airtable ZUS integration to import usernames and to sync invited users.
Resolved an issue with some API syncs failing during group membership imports.
...
Fixed an issue with campaign evidence download which was timing out for larger campaigns.
May 20, 2024 Release (S7)
Zilla Comply Update
Added the ability to limit an access review to just include privileged (non-privileged, or no limit) accounts and the permissions that belong to these accounts to support reviewing all the access that a privileged account has.
...
Updated the text in Zilla Secure Findings -> Take Action -> Mute to "Mute All" to make it more clear that all the Findings in the current view will be muted.
Integrations Updates
Updated our Mimecast API integration to skip over users which the client id and secret credentials cannot access.
May 13, 2024 Release (S6)
Zilla Comply Update
Updated access reviews to show the correct permission description in the case when there are multiple permissions with the same name in a review task.
Updated campaign evidence package downloads to include audit logs via a csv file.
Integrations Updates
New API integration: Google Cloud Platform (GCP) V2 - this integration improves upon our original GCP API integration by syncing Projects as child applications. See Google Cloud Platform V2 (GCP) for details.
New ZUS integration: Virtual Keypad
Updated our API integrations which sync groups to address an intermittent failure.
May 5, 2024 Release (S5)
Zilla Comply Update
Added a column to the campaign csv report to show when a permission was reviewed.
During an access review, updated the "(default)" permission description to display the text set in Available Permissions, if available.
Updated evidence gathering in Zilla Comply to include screenshots for custom applications.
...
Enhanced ZUS in the Cloud to support additional recipe navigations to ensure the correct data is displayed before syncing.
Updated ZUS in the Cloud Microsoft SSO authentication to support application names containing an apostrophe.
Integrations Updates
Updated our FreshDesk API integration to correctly mark an account as inactive when they have been deactivated in the application.
Updated our ZUS framework to ensure permissions will be aggregated when they are synced from different pages within an application.
Updated our Trello ZUS integration to support Trello's updated UI.
...
Updated Zilla Secure to include two new application properties, Single Sign On (SSO) and Multi-Factor Authentication (MFA), when configuring policy rules.
04-29-2024 Release (S4)
Zilla Comply Update
Updated Zilla Comply's Upload Evidence feature to expand the allowed file types. Use a zip file to encapsulate any disallowed file types.
Integrations Updates
New ZUS integration: Postman
Updated our Gitlab API integration to be able to optionally filter projects to be synced. This feature requires assistance from our Customer Support team.
04-22-2024 Release (S3)
Integrations Updates
New API integrations: Astronomer and Concur
Updated our Tenable API integration to support additional permissions returned from Tenable in the API response and to gracefully handle unknown values.
Improved the error handling on our Azure Cloud API integration when retrieving subscriptions in the Deleted state.
...
Added support for wildcards to be specified for permissions and resource permissions in the csv file for the SOD feature.
04-15-2024 Release (S2)
Integrations Updates
Updated our Salesforce API integration to:
optionally append the suffix string "(Profile)" to the name of all Salesforce profiles. This feature requires assistance from our Customer Support team,
sync Permission Set Groups.
Added support to our No Code API integrations for the application to be specified as a directory and generate Users in Zilla.
04-09-2024 Release (S1)
ZUS in the Cloud Updates
Simplified our ZUS in the Cloud configuration for new applications to support SAML/SSO login out of the box.
Updated our ZUS in the Cloud authentication support to include Okta SSO + MFA including Google authenticator, Okta verify, SMS authentication and Email authentication.
Added Microsoft (Azure) SSO + MFA to our supported authentication for ZUS in the Cloud application syncs.
Integrations Updates
Updated GCP API integration to improve error handling for projects which are pending deletion.
Updated our Checkly ZUS integration to support Checkly's updated UI.
Updated our Workato API integration to sync and display all environment-specific permissions.
Updated our Snowflake API integration to support nested roles.
Updated the authentication for our Okta API integration to use client credentials.
04-02-2024 Release (R13)
Integrations Updates
New ZUS integration with ZUS in the Cloud support:
6Sense
Bynder
ClientSuccess
Crayon
Manage Engine OpManager
Updated our Azure Active Directory (AAD) API integration to optionally specify:
custom filters to limit the users which are synced with Zilla. For example, it is possible to filter by the “Country” attribute so that Zilla will only sync those users where the country is as specified in the filter. This setting requires assistance from the Customer Success team.
select filters to expand the info which is synced with Zilla. The additional fields that are synced are stored as metadata on the accounts.
Updated our Adobe ZUS integration to map a user's Products by image to permissions in Zilla.
...
Updated the application Permissions tab summary bar counts to improve performance.
Updated the Zilla login to correctly support very long email addresses and to correctly validate emails with TLDs longer than 3 characters, such as .bank.
03-26-2024 Release (R12)
Zilla Comply Updates
Added custom comments to Zilla Comply to allow campaign monitors/admins to specify a set of reasons for revocations, maintains, and/or changes as well as separate reasons for maintains when there is an SoD violation. These custom comments are currently hard-coded per campaign and require assistance from Customer Success to configure.
Added a new feature to Zilla Comply to support reviewing group structures via "Enable Campaign Setting for Account Owner Assignments". This feature is still in beta, please contact Customer Success to find out more.
Zilla Comply Slack notifications are now generally available. See Enable Slack Notifications for Access Reviews for details.
Integrations Updates
New API integration: Xero
Updated our Azure Active Directory (AAD) API sync to improve the error handling when fetching members or owners of a group.
...
Updated the Zilla login to correctly support very long email addresses.
Resolved one medium severity vulnerability discovered in an external Pentest.
In the Add Application -> Applications listing, updated the Stitch app website to point to Stitch's new URL.
Improved performance when loading the Permissions tab of an application.
03-15-2024 Release (R11)
New Integration
New ZUS integration with ZUS in the Cloud support: Fairwinds
...
Updated Zilla Comply to address an intermittent issue with allowing incomplete reviews to be submitted from different browser tabs/windows.
03-12-2024 Release (R10)
New Integrations
New ZUS integration: ServiceDesk Plus
New API integration: Sage Intacct
Integrations Updates
Updated our Gitlab API integration to accommodate Gitlab's limit on API calls.
Improved the error handling in our Smartsheet API integration to skip over unrecognized users which have been deleted from Smartsheet.
Updated our Zilla PO Box Active Directory script to automatically create the SFTP directory if it does not already exist.
Updated Zilla's 'No Code' API integration to support 'nextURL' pagination.
Updated our Sharepoint API integration to sync sites and sub-sites for domains that are synced in Azure Active Directory.
03-03-2024 Release (R9)
New Integrations
New REST API integration for Workday.
Integrations Updates
ZUS in the Cloud support added for Buildkite.
Improved the error handling in our DocuSign API integration to skip over unrecognized users which have been deleted from DocuSign.
Updated the Twilio ZUS in the Cloud sync to support Twilio's updated login process.
Updated our Workato API integration to correctly sync the following System Roles: Admin, Analyst, Operator, Team Owner.
Updated our OneTrust API integration to support specifying the domain and auth domain to allow for verification in a test environment.
Added support to the SFTP syncs to be able to specify the algorithm for encryption, ssh-rsa or ssh-dss. To configure this setting, please contact Customer Support (support@zillasecurity.com).
02-25-2024 Release (R8)
Integrations Updates
ZUS in the Cloud support add for Boku.
Added the ability to download a csv file from the Retool application from within the ZUS in the Cloud framework. This csv file is then sent to Zilla to sync the Retool application. Please contact Customer Support (support@zillasecurity.com) to setup ZUS in the Cloud and to add support for csv downloads for other applications.
Updated our Freshservice API integration to support Freshservice's updated APIs.
02-18-2024 Release (R7)
GCP API Integration: New Authentication Process
...
We’ve addressed and resolved five medium-severity vulnerabilities identified during an external penetration test. For more information on vulnerability levels, contact Zilla Customer Success team.
02-11-2024 Release (R6)
Group Details Page Enhancement
...
Our LastPass API integration has been updated to properly handle error cases, ensuring more robust and reliable interactions.
02-03-2024 Release (R5)
Zilla PO Box: On-Premise AD Connector for ZUS in the Cloud
...
We've added a new API integration with Workato, an automation platform that connects various applications to automate workflows and processes, without requiring deep technical skills.
01-29-2024 Release (R4)
Beta Announcement: Slack Integration for Enhanced Access Request Notifications
...
API integration with Loopio, a leading RFP response management platform that streamlines the proposal process
API integration with Monday.com, a versatile project management tool that facilitates team collaboration and project tracking
01-21-2024 Release (R3)
ZUS Framework Enhancement for Better Sync Experience
...
Our latest update to the Pega ZUS integration brings full support for groups, enhancing how users can manage groups and their associated permissions and settings in Zilla.
01-15-2024 Release (R2)
ZUS Framework Enhancement for Better Sync Experience
...
We've updated our DocuSign API integration to include support for automated permission revocations once an access review is completed.
01-06-2024 Release (R1)
Appcues ZUS Integration Enhancement
...
Our On-Premise Active Directory (AD) support for groups now includes comprehensive support for sub-groups and the permissions assigned to these groups.
12-27-2023 Release (Q12)
ZUS in the Cloud Update: Support for On-Premise Databases
...
ZUS integration with Pega, a business process management (BPM) tool that automates complex business processes.
API integration with KnowBe4, a security awareness training platform that helps organizations manage phishing threats and improve their security culture.
12-18-2023 Release (Q11)
New Configuration Option for User Access Reviews
...
Improved paginated user support in KnowBe4 ZUS integration: This enhancement focuses on better supporting paginated users. With this update, our system is now more adept at handling large sets of user data, ensuring smoother navigation and efficient data management.
Configurable API URL in Datadog API integration: We've introduced a new configuration option that allows users to specify the Datadog API URL. This feature is designed to support various Datadog sites more effectively.
Improved preview dialog and data sync in OpenVPN ZUS integration: The enhancement ensures that the Preview dialog is correctly displayed and that data synchronization is effectively handled, even when dealing with multiple pages of users.
12-11-2023 Release (Q10)
Preserving Existing Tags in Application Renaming Workflow
...
We've added the ability to edit and view multiple permission owners directly from the 'Available Permissions' application's Profile tab. With this update, users can now manage multiple permissions simultaneously, enhancing productivity and ease of use.
New API Integration: Mimecast
We are pleased to announce a new API integration with Mimecast, a mail management system designed to protect email, ensure access, and simplify the tasks of managing email.
12-03-2023 Release (Q9)
Restricted 'Download CSV' Capability on the Users Page
...
Note: using this feature requires assistance from our Customer Success team.
11-26-2023 Release (Q8)
Evidence Download: Enhanced PDF Creation for Large Campaigns
...
We've updated our JSM connector app to remove the admin scope. This change is part of our ongoing efforts to enhance security and streamline user permissions. With this update, customers can expect a more tailored and secure experience while using the JSM connector app.
New API Integration: SAP BTP
We've added an API integration with SAP Business Technology Platform (SAP BTP), a platform focused on turning data into actionable business plans, particularly by leveraging tools found in an intelligent enterprise.
...
We've updated our UKGPro API integration to refine the interpretations of active and inactive accounts. With this update, our system now offers more accurate and nuanced handling of account statuses, aligning better with UKGPro's definitions and workflows.
We've also identified and resolved an issue where multiple entries for the same user were being sent in responses from the Users API, each differing only in roles. This issue led to extended synchronization times and the last entry overriding previous permissions data, resulting in Zilla displaying only a single permission for each user. Zilla now efficiently handles unique entries for each user role, ensuring accurate and streamlined synchronization. Consequently, all relevant permissions are correctly reflected in Zilla, effectively eliminating unnecessary delays.
11-15-2023 Release (Q7)
Campaign Escalation to Immediate Supervisor
...
Zilla now supports the ability to download a complete campaign evidence package. This new feature allows users to conveniently compile and download all relevant data and documents associated with a specific campaign in one comprehensive package. This enhancement aims to streamline your workflow and ensure that you have easy access to all necessary information for reporting, analysis, or archival purposes.
11-05-2023 Release (Q6)
New Product: Zilla Provision
We are excited to announce the launch of Zilla Provision™, our innovative solution for automated access provisioning. Zilla Provision offers an efficient, error-free approach to requesting and managing access, significantly improving operational efficiency and reducing risk.
...
With this enhancement, Zilla will now automatically ignore permissions associated with deleted accounts. This improvement ensures more accurate and relevant management of permissions.
10-29-2023 Release (Q5)
Campaign Task Reassignment Performance Enhancement
...
We’ve resolved an issue in campaign audit logs where some entries were incorrectly displayed as "undefined.” This fix ensures accurate and complete logging of campaign activities for better tracking and auditing.
10-22-2023 Release (Q4)
Performance Enhancements
Optimized the process for editing available permissions for an application. Users can now experience faster and more efficient modifications.
Improved the performance of reviewing items in a campaign.
...
ZUS Permission Parsing: Updated our parsing logic to eliminate unnecessary whitespace and commas. This refinement ensures a cleaner and more accurate representation of permissions imported through ZUS.
Addressed an issue encountered during the editing of available permissions for an application. Users can now update permissions without errors for a smoother experience.
Addressed an issue in KnowBe4 ZUS integration where the "Full recipe" was only retrieving the first 100 users. The integration now handles of paginated users correctly.
Updated our synchronization logic for AWS Organizations. If a display name is provided, it will now be "Account name" for better clarity and alignment with AWS terminologies.
Resolved an issue where users could not sync Mailchimp security settings.
Our integration has been revised to align with Mailchimp's new security settings UI.
Addressed the "Invalid UserID" error encountered during the Workday API synchronization. Updated our integration to bypass any invalid ID values and proceed with the synchronization, ensuring consistent and uninterrupted data transfer.
10-15-2023 Release (Q3)
Oracle HCM Integration
Our Oracle HCM integration has been updated to now support basic authentication, providing an additional method for secure connection and data exchange.
...
We’ve optimized User Department filter options to ignore duplicates caused by white spaces.
Refined our AWS auto-discovery process to intelligently skip over child applications that have previously been archived in Zilla. This ensures a cleaner discovery process, avoiding the unintended re-discovery of archived apps.
10-09-2023 Releases (Q2, Q2 HF-1)
Bug Fixes
Resolved an issue where permission types for permissions were being reset after a sync. Users can now ensure consistent and reliable permission settings post-synchronization.
HubSpot ZUS integration: Enhanced the pagination mechanism to better support regions. This ensures a more efficient and thorough synchronization experience for customers with a large volume of Hubspot users.
Adobe ZUS integration: Adjusted our integration parameters to cater to Adobe's longer loading times during pagination. This enables a more reliable synchronization of all accounts, even when Adobe requires additional time to page through them.
...
We've made optimizations to decrease the loading time for campaigns.
10-03-2023, 10-05-2023 Releases (Q1-HF,1-HF2)
Performance Enhancement
We've optimized our algorithms to deliver even faster campaign generation times,.
...
Our integration with Azure AD API has been updated to address an issue where data syncs were occasionally incomplete and ensure more consistent and complete synchronizations.
10-02-2023 Releases (Q-1)
Campaign Cloning Update
When cloning an existing campaign in Zilla, the newly cloned campaign will now be in the CREATED state and not automatically generated. This enhancement helps reduce potential confusion and makes the campaign management process smoother.
...
Updated our AAD API integration to import the 'last login' and "manager" data via the user API. The 'last login' data now aligns with what is reported by AAD on the Users Overview page. This enhancement boosts performance, ensuring faster and more efficient data retrieval.
09-27-2023 Releases (P-13/P-13-HF1/P-13-HF2)
UI Update: Relocating Available Permissions Back To the Profile Tab
...
Resolved an issue that occurred when generating campaign reports with high permission counts.
Fixed an issue in the HubSpot ZUS Integration related to config URL processing, ensuring the correct user's page is loaded.
09-18-2023 Release (P-12)
Campaign-Specific Evidence Upload
...
Resolved an issue in the Campaign Regenerate Button functionality where the "Regenerate" button occasionally did not display as intended.
09-11-2023 Release (P-11)
Bug Fixes
Fixed an issue with the advanced email settings for the manual reminder option when creating the email distribution list.
Updated reporting in the new audit logs for syncs to display the correct actor.
...
Fixed a group pagination issue in the Okta API integration sync.
In our Slack integration, resolved an issue where "Multi-Channel Guest" was syncing to Zilla as a "Regular Member."
09-04-2023 Release (P-10)
Enhancement to API Integration Framework
...
We’ve enhanced our HubSpot ZUS integration to sync MFA information to Zilla.
We've updated our AWS API integration to make group sync failures more resilient.
08-28-2023 Release (P-9)
Changes to Available Permissions' Section
...
We have updated our Salesforce integration to allow for the optional syncing of groups. You now have the flexibility to choose whether or not you want to sync groups between our application and Salesforce. This enhancement provides greater control over the data shared between the two platforms.
08-22-2023 Release (P-8)
Fix for Permissions CSV Download and Campaign Generation
...
Please note that this feature requires assistance from our Customer Success team to implement.
08-14-2023 Release (P-7)
Background Campaign (Re)Generation
...
We have added a new ZUS integration with JFrog, a popular platform for software release management and binary repository management.
08-06-2023 Release (P-6)
ZUS Availability in EU and ANZ Regions
...
When creating a directory user, our Workday integration will now check for a universal ID if the email address is missing. Previously, the absence of an email address would cause the integration to fail. With this update, the integration will use the universal ID as a fallback identifier to create the directory user.
07-31-2023 Release (P-5)
Support for Semi-Colon Separated Email Aliases
...
We have updated our ServiceNow API integration to allow users to optionally specify a domain that identifies the users to be synced. The integration now enables you to target specific domains for user syncing, providing more control and flexibility over the user syncing process.
July 2023 Releases (O13 - P4)
Improved Access Review Assignment Logic
...
In our Incorta API integration, we've mapped the "Unique Id" field in Incorta to the "Universal Id" in Zilla.
06-19-2023 Release (O-12)
End-of-Campaign Notifications Enhancement
...
We've updated the Adobe ZUS integration to support pagination. This ensures smoother navigation and a more streamlined experience while handling large datasets.
We have updated our Buildkite ZUS integration to support recent changes in Buildkite's user interface. This ensures that our integration continues to be seamlessly compatible with Buildkite.
Our ZUS integration with Workato has been updated to accommodate their recent UI changes. Additionally, the integration now supports synchronization of users with 'Pending invitations'. This will help you keep track of users who have been invited but have not yet joined your Workato workspace.
The Mailgun ZUS integration has been updated to align with the recent user interface changes on Mailgun, ensuring continuous and seamless integration.
We've updated our Bridgecrew ZUS integration to support recent UI changes in Bridgecrew, to maintain compatibility and user experience.
We’ve enhanced our Salesforce API integration, which now allows you to optionally specify a comma-separated list of Salesforce account types. Only accounts that match the specified types will be brought into and saved in Zilla. When the filter is applied, the data stored in Zilla will be updated on the next sync. When the filter is not specified, all the accounts will be synchronized by default. This enhancement enables more granular data retrieval and storage based on your needs.
06-11-2023 Release (O-11)
Automatic Revocations in Github API Integration
...
By treating products as resources, users will experience a more logical mapping between Aha and our platform, which is expected to improve workflow efficiency.
NEW Integrations: WPEngine and Proggio
...
New API integration: WPEngine, a WordPress-based hosting blogging platform
New ZUS integration: Proggio, a project management tool
06-04-2023 Release (O-10)
SoD Policy Description Import via CSV Upload
...
ZUS Stripe Integration Update: We have updated our ZUS Stripe integration to support Stripe's new user interface.
Adobe ZUS Integration Update: In line with Adobe's new user interface, we've updated our Adobe ZUS integration. This update ensures continued compatibility with the latest changes from Adobe.
GitHub API Integration Update: We've enhanced our GitHub API integration to better support teams and child teams.
Azure Cloud Auto-Discovered App Sync Fix: We've addressed a bug causing Azure Cloud auto-discovered app sync failures when the account email did not match between parent and child apps.
05-28-2023 Release (O-9)
Policy Enablement Tracking in Zilla Secure
...
SoD Findings for Groups and Permission Sets: We've fixed the issue where SoD findings were not being generated for groups and permission sets. Now, Zilla will correctly identify and report any potential SoD conflicts for these elements.
CSV Uploads Comment Character Update: In order to streamline and standardize CSV uploads, we've updated the system to only allow a '#' character as a comment when it's at the start of a line.
Salesforce Integration Improvement: We've addressed an issue where the Salesforce integration was not preserving Role and Profile permission types. This fix ensures accurate representation and synchronization of these crucial data types.
GitHub Integration Enhancement: The GitHub integration has been enhanced to sync MFA (Multi-Factor Authentication) status and additional metadata.
Workday API Integration: We've fixed a bug in the Workday API integration where password values needed to be converted to Unicode.
05-21-2023 Release (O-8)
MFA status on User Details page
...
We’ve added Segregation of Duties (SoD) findings for groups. Zilla now identifies and reports potential SoD conflicts caused by group memberships, helping to improve compliance and reduce risk.
NEW integrations (beta): MedTek, Oracle HCM, Smartsheet, and RingCentral
...
AAD Sync Issue: We have resolved a bug that caused Azure Active Directory (AAD) synchronization to fail due to missing parent apps. With this fix, users should no longer experience problems with data synchronization between their AAD and Zilla.
SharePoint API Integration: The SharePoint API integration now supports the syncing of all SharePoint sites and subsites. This means users can seamlessly integrate all their SharePoint content with Zilla, making for more efficient and unified data management across platforms.
05-14-2023 Release (O-7)
Azure Active Directory integration enhancement
...
We've enhanced the DocuSign API integration to sync all accounts, not just the first 50.
We've added a feature that allows support users to set the page size of API calls from hidden configuration settings.
To facilitate further debugging, we've implemented debug logs to record the responses of all API calls.
NEW integrations: Alert Logic and Active Admin
...
These new integrations underscore our ongoing commitment to expanding the range of SaaS applications you can seamlessly connect to and audit with Zilla.
05-07-2023 Release (O-6)
Enhanced filtering in access reviews
...
Corrected swapped title and department columns in CSV download in the “users” page
Modified the "Copy Email Addresses" option to separate addresses by a semi-colon when running a campaign
Fixed abbreviated permissions issue in Box ZUS integration
Updated Carta ZUS integration to support Carta's latest update
Improved DocuSign API integration to handle permissions with no name
Revised privileged status for AAD administrator permissions
05-02-2023 Release (O-5)
NEW feature: Segregation of Duties (SoD) policies with automated actions
...
Clicking on a policy card on the new policy landing page sends users to the respective category landing page displaying all policies and summary metrics within that category.
Use filters in the summary bar to view total policies and enabled policies within a specific category.
When changing a policy's category, the policy will no longer appear in its original category table and will now appear in the newly assigned category.
The ability to edit a policy remains unchanged with this update.
No changes to the search feature; it remains the same as the current Policies page.
NEW integration: Incorta
In this release, we've added an API-based integration with Incorta, an innovative data analytics platform that allows organizations to quickly and easily analyze complex data, making it easier to gain insights and make informed decisions.
...
An update to our OneLogin integration enhances the sync process in case an MFA status API call fails. This improvement makes the integration more robust and ensures an uninterrupted experience for users.
We have rolled out an update to our Google Cloud Platform (GCP) integration, addressing sync issues for resources without parent relationships. This enhancement ensures a smoother and more reliable synchronization process for all resources, regardless of their hierarchy within GCP.
04-23-2023 Release (O-4)
Enhanced AWS API integration with rate limiting for syncs
Our AWS API integration now supports rate limiting for AWS syncs. AWS rate limiting is a mechanism used by AWS to control the number of requests that a user or service can make to specific AWS resources or APIs within a given period of time. This enhancement ensures that syncs do not fail when the rate limit is hit on production. By implementing support for rate limiting, our AWS integration becomes more robust, providing a reliable and consistent experience for AWS users.
NEW integration: Aircall
We've added an API-based integration with Aircall to our extensive library of out-of-the-box application integrations. Aircall is a cloud-based phone system and call center software solution designed for businesses, offering features like local and international phone numbers, call routing, call recording, analytics, and customizable call distribution.
...
We've updated our Azure Active Directory integration to resolve an issue where internal users were incorrectly marked as external. We have updated the external domain calculation for accounts to accurately process all domains specified in the tenant.
04-16-2023 Release (O-3)
NEW feature: In-app release notes access for admin users
...
Our BambooHR ZUS integration now includes pagination support, offering a smoother and more efficient user experience when -syncing data.
04-09-2023 Release (O-2)
NEW integration: KEMI
We've added a new KEMI integration via ZUS. The new integration includes data parsing to automatically retrieve the email within parentheses and combine the first two strings (first and last name) to form the Account Name.
...
Our ZUS integrations for Bitwarden and Cognito have been updated to be compatible with the latest versions of the applications. Sync will no longer fail for these apps if the URL is changed in Config.
04-02-2023 Release (O-1)
Cursor-Based Pagination Strategy for No Code API and Generic Integrations
...
Zilla can now be configured to update existing users when their email changes in Okta, instead of creating a new user.
Workday Directory was previously pulling in User IDs instead of full names, resulting in incorrect user profile names. We now generate names based on first and last names in Workday.
03-28-2023 Release (N-10)
NEW feature! Custom actions
We've enhanced our identity security platform by adding the capability to create custom actions for Slack, Microsoft Teams, webhook, and email. You can now use custom actions as automated actions for Zilla Secure Findings or configure them as manual actions for both Findings and Accounts and Permissions search. For example, when Zilla identifies a new permission change, a Slack action can automatically post a message on your security team's channel requesting an additional review and even tag the reviewer. This new feature enhances automation capabilities and improves teams’ efficiency in remediating security and compliance issues.
...
We also updated our no-code generic API integration to support "Client Credentials" OAuth authentication flow.
03-21-2023 Release (N-9)
NEW feature! Sync Frequency Tooltip
As an admin, you can now easily view the frequency of your sync schedules directly from the clock icon. Just hover over the clock to see a tooltip displaying the sync frequency, such as "Daily,” "Every Monday,” or "27th of every month". This will help you stay informed about when your next automatic sync is scheduled to run.
NEW integrations: IBM MaaS360, ZohoCRM, Mosyle, Celigo
...