What's New in Zilla Security?
Zilla Security continuously builds and delivers new capabilities to keep your cloud environment and applications secure and compliant. To keep you abreast of our latest innovations, “What's New in Zilla Security” shares our new releases, feature enhancements, and bug fixes for each release.
June 23, 2025 Release (W-12)
Integrations Updates
New OOTB API Integration: Cato Networks
Updated GitHub OAuth scope for removing organization members from write:org to admin:org; users must re-authenticate to grant the new scope.
Fixed issue where the No Code platform would fail when encountering an empty array in the Group Policies API response for certain users.
June 16, 2025 Release (W-11)
Integrations Updates
New OOTB ZUS Integration: Haruko
AWS Organisations OOTB integration now supports deployments in AWS Accounts in China.
Ring Central (org sync) now has OOTB API Integration.
June 9, 2025 Release (W-10)
Zilla Comply Update
The "Allow Self-Review" campaign setting now defaults to "No" and will reassign to the review monitor.
Integrations Updates
New OOTB API Integration: Adyen
New OOTB ZUS Integration: GoCD
AWS API Integration now optionally fetches IAM Roles as Permission Sets and brings in Permission Boundary information for an IAM Role based on new configurations. This configuration requires assistance from Customer Support.
June 2, 2025 Release (W-9)
Platform Update
Small updates to the Zilla user interface have been made to better to align with CyberArk products.
Integrations Updates
Updates made to OneLogin API integration to capture Privileges.
BeyondTrust now has OOTB integration for self hosted deployments via PO Box.
Workday (Custom Reports) now brings in last termination date.
Zilla Comply Update
Resolved an issue where campaign reminders could be manually sent to readiness task owners when the campaign was already completed.
Zilla Secure Update
Added a new out of the box security policy that detects and can alert when an in-active account's last login date is after a termination date.
Zilla AI ProfilesTM Update
The profiles page loads significantly faster for customers with a large number of profile grants.
May 27, 2025 Release (W-8)
Integrations Updates
AWS API Integration enhancement to sync and show Service control policies (SCP) applied at the account level.
AWS API Integration to sync Last Login for IAM and SSO users.
AWS API Integration now auto populates ownership from management account to auto synced child account(s) in Zilla based on a configuration.
Resolved Onelogin API Integration sync error while capturing privileges.
Entra ID API Integration customization to support vendor name extraction from user's display name. This configuration requires assistance from Customer Support.
Platform Update
Read only admins can now see, but not act on, the Profiles module.
Policy filters are now operating correctly when certain filter conditions were applied.
Zilla Secure Updates
OOTB policy enhancement to support AWS new feature of Centralized root access for member accounts (released in Nov 2024 AWS updates).
Zilla AI ProfilesTM Update
Increased performance of profile generation process, shortening the time it takes to generate profiles.
May 19, 2025 Release (W-7)
Integrations Updates
New ZUS Integration : NetSuite Planning and Budgeting
Updated Snowflake API integration to treat Snowflake Roles as Permission Sets in Zilla.
Enhanced Coupa API integration to introduce optional configuration to sync additional fields as permissions into Zilla.
Platform Update
Changed the authentication sub-processor to CyberArk Identity. See https://support.zillasecurity.com/hc/en-us/articles/28280940579735-Log-In-to-Zilla for login details.
May 9, 2025 Release (W-6)
Integrations Updates
Update made to the Delinea Platform Console integration, to deliver even more reliable and accurate user data.
OOTB ZUS Sync for Box updated to support their updated HTML.
Okta API integration is now capable of filtering okta groups by providing appropriate expressions in the support config. This configuration requires assistance from Customer Support.
Zilla Comply Update
After campaign completion, added a notification message to the Report tab to inform the user that the report page is in the process of being generated.
May 5, 2025 Release (W-5)
Integrations Updates
Delinea Secret Server API integration now successfully distinguishes between same folder names across different paths.
1Password ZUS integration now supports multiple domains.
AWS IAM Reader Role name is now configurable in Zilla.
Improved the permission labels for Netsuite applications to be more human readable.
Zilla Comply Updates
When a segregation of duties (SOD) violation exists for access that is pre-approved using an active profile, it is now properly displayed in the access review with the associated SOD flag.
Users can no longer be assigned more than 5,000 review items in one task, if more than 5,000 items are assigned another task for the user will be created.
April 28, 2025 Release (W-4)
Integrations Updates
New ZUS Integration : Calendly
The Zilla ZUS extension now sports the new logo with "A CyberArk Company" tagline.
Zilla AI ProfilesTM Update
AI profiles will now generate profile grants based on user access to application resources, like Github repositories or SharePoint sites, deepening its ability to discover and recommend common access amongst an enterprise's users.
April 21, 2025 Release (W-3)
Integrations Updates
New feature added to support Azure Resource Management (ARM) subscriptions using new config field "Sync Classic Administrators?".
Delinea Platform Console now support syncing Inactive members, full domain value, capturing "Everybody" group memberships and excludes displaying nested permissions directly for the user.
Zilla Comply Update
Due dates have been added back to the tasks page.
April 14, 2025 Release (W-2)
Zilla Comply Update
Periodically, uploaded review evidence would not appear in the evidence tab, but would be included in the evidence package, has been resolved.
Zilla PO Box / ZUS in the Cloud Update
Hubspot ZUS in the Cloud sync updated to support their updated login page.
April 8, 2025 Release (W-1)
Integrations Update
Buildkite ZUS sync updated to support group memberships sync against their updated page.
Zilla Comply Update
When generic campaign settings are modified in preview mode, the user is no longer prompted for regeneration.
Zilla PO Box / ZUS in the Cloud Update
Now add and maintain multiple PO Boxes in Zilla and tag applications against individual PO Boxes.
March 31, 2025 Release (V-13)
Integrations Updates
New API integration: CyberArk Identity Security Platform
New API integration: Delinea Platform Console
Onelogin API Integration can now capture privileges.
Zilla Comply Update
Resolved an issue where it was sometimes observed that completing a campaign required the final reports to be generated by Zilla.
Zilla Platform Updates
All credential values are now fully obfuscated, previously the last three characters were displayed.
Sensitive input fields are now masked by default when typing in.
Resolved an issue where manually mapping accounts against a large user population could generate an error, but completed successfully.
March 24, 2025 Release (V-12)
Integrations Update
Rubrik now has an OOTB API Integration via their GraphQL APIs.
March 17, 2025 Release (V-11)
Integrations Update
ApprovalMax OOTB ZUS Integration now brings the role and user status information.
Zilla Comply Updates
Resolved an issue where campaign due dates were displayed one day later for some customers.
Resolved an issue where empty review tasks were incorrectly being counted in campaign summary progress.
Zilla Platform Update
Added support for Zilla Security email communications to now be sent from a customer defined domain and custom reply-to address. Please reach out to Zilla Support (support@zillasecurity.com) for more information.
Zilla Provisioning Update
Users can now initiate emergency terminations from the Zilla Provisioning dashboard with the click of a button.
March 10, 2025 Release (V-10)
Integrations Update
AWS sync now bring in tags connected to a s3 bucket as resource metadata.
Zilla Comply Updates
The ability to include/exclude custom defined user types (such as "Template" accounts) in an Access Review has been resolved.
Campaign readiness tasks now require the checklist to be fully completed in order to add an application into the review. This is to ensure application data is the most current before including in the campaign.
Under certain scenarios, notifications were being sent before the access review campaign was started. This has now been resolved.
Zilla Platform Updates
The Universal Id, Total Items and Completed Items optional columns have been removed from the tasks page.
Clicking any help link within the Zilla Security application will open the new Help Center where users can access documentation and contact Support all in one place.
March 3, 2025 Release (V-9)
Integrations Updates
AWS integrations now bring in customer managed policy JSON information.
Buildkite now has an OOTB API integration built on top of their GraphQL based APIs.
Snowflake now has an OOTB API integration that works out of PO Box.
Zilla Platform Update
Resolved an issue where deleting a permission from an application profile now works correctly.
February 24, 2025 Release (V-8)
Integrations Updates
Entra ID Directory Sync now allows to configure which attributes(s) should be considered as universalId(s) in Zilla.
Splunk Cloud ZUS sync updated to support their updated html.
DocuSign ZUS sync updated to support their changed URL.
Zilla Comply Updates
It was observed that some users were seeing empty tasks on their tasks listing. This has been resolved.
Slack notifications are now included in campaign readiness reminders.
Zilla Platform Update
Infrequent login freeze issues has been resolved.
Zilla Provisioning Update
Added support for "Wait for Account" action to accommodate waiting for existing inbound customer provisioning steps to complete before proceeding with outbound provisioning.
February 18, 2025 Release (V-7)
Integrations Update
Miro ZUS Sync now supports their updated URLs.
Zilla Comply Updates
When a Zilla admin is viewing the tasks page, the default filter is now always to show their own tasks, previously the last selection was persisted.
Some users were not able to see their review readiness tasks on the task page has been resolved.
February 11, 2025 Release (V-6)
Integrations Updates
Avalara API Integration now creates additional permissions of type role to bring in user roles.
Integration audit log language updated to be consistent.
DocuSign logo updated in the product.
Snowflake API sync now brings in default role and owner role for a user.
Zilla PO Box / ZUS in the Cloud Update
ZUS in the Cloud AWS deployment now supports cross account secrets access.
February 3, 2025 Release (V-5)
Integrations Updates
Infinite scroll issue resolved for Outreach ZUS integration.
Envoy ZUS sync updated to work against their changed HTML.
Box external users ZUS sync updated to work against their changed HTML.
Buildkite groups ZUS sync updated to work against their changed HTML.
Zilla Comply Update
The Change action dialogue in access reviews is now a free-form only text field where a reviewer can input what needs to change for access. The display no longer contains a drop-down list of all the respective application permissions.
Zilla Platform Update
Resolved an issue where sometimes Slack notifications did not get sent for access review campaigns.
Zilla Provisioning Updates
Access requests are now auto-approved when the access requested matches the user's profile grant.
Managers can now request additional access for a new employee during the onboarding process for new or moving users. Any requested permissions that are part of profiles will automatically be approved.
Added new Awaiting Verification access request status that will be applied until Zilla can verify access directly with the target application. After Zilla confirms the access request was completed successfully, the status will change to Fulfilled.
January 21, 2025 Release (V-3)
Integrations Updates
New ZUS Integration: ApprovalMax
Updated Avalara API sync to work against Avalara production servers.
Snyk ZUS Integration now flexibly allows to fetch members from either organization or group members page based on url specified in app config.
Zilla Comply Update
When using Zilla Profiles in Access Reviews, the profile evidence report now includes the user who last approved the profile grant and when.
January 14, 2025 Release (V-2)
Integrations Update
Infinite scroll issue resolved for Outreach ZUS integration.
Zilla Comply Update
Resolved an issue preventing campaign launch email and messaging notifications from being sent out.
Zilla Platform Update
Filtering of Permissions, Groups, and Resources on the Applications page now utilize search bars to filter for specific objects. Please note that only exact matches are returned.
Zilla AI ProfilesTM Update
Customers can now leverage any user metadata attribute in profiles to produce better profiles using unique data in their organization like job code or employee type, for example.
January 8, 2025 Release (V-1)
Integrations Update
Updated 1Password ZUS pagination to support 1Password's updated UI.
Zilla Comply Update
The Get Ready tab for a campaign with Campaign Readiness enabled now loads properly.
Zilla Platform Update
Improved Performance for Account to User Mapping for Applications.
December 30, 2024 Release (U-13)
Integrations Updates
Azure DevOps API Integration now shows groups and group memberships information.
Updated the FreshService API Integration to support multiple workspaces.
Infinite Scroll support under ZUS for JFrog, Buildkite, Bitwarden.
Zilla Comply Update
Access Reviews: Updated automatic review comments when preventing self-review assignment to reflect Zilla as the actor.
December 23, 2024 Release (U-12)
Integrations Updates
ZUS now supports automatic pagination for group membership pages for Adobe and Expensify.
Zoom API Integration now supports the new server to server OAuth authentication mechanism introduced by Zoom.
Zilla Comply Update
Resolved an issue where some customers experienced issues saving review items.
December 17, 2024 Release (U-11)
Integrations Updates
New API integration: Cloudflare
Sync config description changed for Blackline integration to indicate that API Key can be specified in the password field.
Google Workspace API sync now syncs service account members of a group.
Azure DevOps API sync now brings all groups and its group members.
Okta API sync now brings authentication factor only for active accounts.
Zilla Comply Updates
When using Profiles and limiting an Access Review to contain just privileged permissions, the summary count for pre-approved and not pre-approved permissions is now correctly displayed.
Access Reviews are now generated when using the “Assign Reviews for Accounts to Account Owner” campaign setting to include just Service accounts. Review items that have no account owner are set to the Unassigned bucket.
Updated Access Review Campaign reports to include the user's display name in specific cases where the user record did not have a first and last name.
Zilla Platform Update
Resolved six medium severity vulnerabilities discovered in an external Pentest.
Zilla PO Box / ZUS in the Cloud Updates
Fix to ZUS in the Cloud syncs to ensure that there is a wait before entering text to prevent race conditions.
On Premise AD PO BOX sync now allows the app to be synced as a directory.
December 9, 2024 Release (U-10)
Integrations Updates
Updated our CrowdStrike API integration to skip users without roles to ensure a successful sync.
Threads app is no longer supported in the product since Shopify acquisition.
FreshService syncs requesters by default.
Slack sync updated to ensure sync succeeds without running into rate limiting when fetching channels as resources.
Outreach OOTB ZUS integration fixed to bring in accounts and last login information.
Zilla Comply Update
Zilla is now displayed as the actor for automated review actions (for example: escalations, assignment, profile approval, etc.) in the comment history and audit logs.
Zilla Platform Updates
Improved the page response time when loading a large number of applications on the Applications page.
Filtering audit logs by date has been fixed and no longer timeout.
Zilla PO Box / ZUS in the Cloud Updates
Oracle 9i integration support via PO BOX.
Updated the Hubspot authentication recipe to match their updated selectors.
December 2, 2024 Release (U-9)
Integrations Updates
New API integration: Qualys
FreshService OOTB API Integration now supports the option of optionally syncing Requesters and requester group membership. The default behavior is to include requesters as Zilla users, and requester group membership.
FreshService OOTB integration now supports bringing in workspaces as resources and workspace permissions as resource permissions.
Updated the Oracle HCM app's configuration field Oracle HCM REST Endpoint to Oracle HCM SCIM Hostname.
Zilla Comply Update
Campaign monitors can now complete campaign readiness tasks from the Campaign Get Ready tab before adding applications to the campaign.
Zilla Platform Update
Resolved one critical severity vulnerability discovered in an external Pentest.
November 26, 2024 Release (U-8)
Zilla Comply Updates
In Access Review notifications, resolved an issue to allow escalation custom messages to be saved as blank.
When selecting the users to include in a review for a supervisor campaign, a new Last Transfer Date filter has been added to support a user transfer review process. The available filter options include transfers in the previous week, previous month, and previous 3 months.
Zilla Platform Updates
Account groups are no longer duplicated in the permissions columns in the display.
Read-Only admin role has been updated to no longer show the archive/activate application and regeneration completed campaign reports buttons.
November 20, 2024 Release (U-7)
Integrations Update
New API integration: Twilio Segment
Zilla Platform Updates
Manually adding a new permission to an application's permission listing has been removed from the UI. Please contact Zilla customer support if there is a requirement for this previous capability.
Users assigned with the Read Only Admin role in Zilla cannot edit or download any system settings.
Zilla AI ProfilesTM Update
Zilla administrators will have the ability to manually add new profile grants to their tenant to augment the existing profile grants recommended by the machine learning algorithm.
November 15, 2024 Release (U-6)
Integrations Updates
Audit logs for API integration and configuration changes now include the details of configuration name, the old value of the configuration and the updated value of the configuration. For sensitive fields, the value is masked.
Slack integration now supports optionally bringing channel dates and also allows to specify a comma separated list of channels to fetch with support for wildcard matching for easy filtering.
No Code (Generic) API integration can now be used to sync directory apps.
Zilla Comply Updates
Campaign monitors can now send reminders through the Zilla UI to users that have open campaign readiness tasks.
A CSV report for the Active Profile Grants has been added as campaign evidence.
Zilla Platform Updates
When viewing data within Zilla, the maximum number of items listed per page has changed from 500 to 100 for a streamlined experience.
Removed the configuration option for when synching an application with groups and group members, the group memberships are now always treated as a permission.
Improved the page response time when loading a large number of applications on the Applications page.
Users assigned with the Read Only Admin role in Zilla cannot make configuration changes or download data in Zilla.
November 5, 2024 Release (U-5)
Integrations Updates
Microsoft Entra ID (AAD) sync now supports skipping groups fetch.
Github API Integration now supports the ability to bring in custom roles assigned to repository.
Zilla Comply Update
An additional notification template for Access Reviews has been added to separate manual and automatic reassignment notifications.
Zilla Platform Update
Enhanced Google Workspace SSO to allows users with verified secondary domain emails to sign in and access their Zilla tenant.
Zilla PO Box / ZUS in the Cloud Update
PO BOX can now be deployed to Azure Container Registry and pulled from a customer's Azure Container Instance.
October 28, 2024 Release (U-4)
Integrations Updates
Integriti API Integration now takes base path as a configuration.
Optional configuration added for Looker API Integration to suffix Groups with " (Group)" allowing to distinguish between regular permissions and group permissions of the same name.
New ZUS Integration: Figma
Support cursor-based pagination for Zendesk API Integration.
Added informational tooltips to the Avalara API Integration configuration to help user set up the authentication.
Zilla CSV File upload integrations only support UTF-8 encoding, files with different encodings need to be converted to UTF-8 before importing.
Zilla Comply Update
When using Campaign Readiness, all checklist items must be completed before the readiness task can be submitted.
Zilla Platform Updates
A "Last 90 Days" option has been added to date filters for quick filtering.
Users assigned Read Only Admin role cannot download CSV or PDF reports from the user interface.
Zilla Secure Update
Resolved an issue where the Security Dashboard might generate an error under a certain situation.
October 21, 2024 Release (U-3)
Integrations Updates
New API integration: Integriti
New API integration: Avalara
Zilla Comply Updates
In Access Reviews, the user information will remain static in the user interface and campaign reports at the time of generation and post campaign completion.
In Access Reviews when the campaign setting to revoke unreviewed permissions is enabled, the submission dialogue has been updated to inform the reviewer that unreviewed permissions will be automatically revoked.
Zilla PO Box / ZUS in the Cloud Updates
TOTP MFA support for Microsoft SSO Login for ZUS in the Cloud.
October 14, 2024 Release (U-2)
Integrations Update
Retool ZUS integration now supports multiple tenant url formats and also support infinite scrolling.
Zilla Comply Update
When reassigning review items, campaign monitors can easily select to reassign to the assigned reviewer's supervisor.
Zilla PO Box / ZUS in the Cloud Updates
On Premise AD sync now supports searching across multiple OUs.
ZUS in the Cloud now supports collecting data from pages that paginate via infinite scroll.
October 7, 2024 Release (U-1)
Integrations Updates
New API integration: Integriti
New API integration: Domo
Microsoft Entra ID integration is now capable of filtering groups based on query parameters received in support config. This configuration requires assistance from Customer Support.
Updated sync failure email notifications to be sent only when notifications are enabled.
Updated AWS API integration to correctly capture the MFA status for the root account.
On Premise AD can now bring in additional attributes of groups as metadata based on a support config. This configuration requires assistance from Customer Support.
Ability to mark accounts as service accounts based on a support config. This allows app owners to decide which accounts are service accounts based on a condition or algorithm. This configuration requires assistance from Customer Support.
Zilla Secure Update
Resolved an issue when filtering on a large number of Segregation of Duties findings would take a long time or not respond at all.
October 2, 2024 Release (T-13)
Integrations Update
New GraphQL based API Integration for New Relic app.
Zilla Comply Updates
Added new campaign progress bar to view the overall task completion percentage across campaigns.
Campaign monitor progress bars have been updated to display green and the respective percentage complete when a task is submitted.
Zilla Platform Update
Zilla admins are now included on Sync Failure Notifications when they are sent out.
September 23, 2024 Release (T-12)
Integrations Updates
Pagination (infinite scrolling based) support for the new BOX external users page.
Updated Jira integration to ensure Jira account status shows correctly in Zilla.
Updated AWS integration to ensure IAM roles is correctly syncing even when there is a statement with a principal 'Service' and effect 'Allow' in trust relationship policy.
Support added to ensure successful CSV syncs with non UTF-8 encoded csv files.
Added “Read Only Admin” permission as an available privileged permission under the Zilla app when Zilla Service Account is created.
Zilla Comply Update
Campaign option for the "Allow Reviewers to Reassign Access Review Items": Yes - Limit reassignment to reviewers reporting organization now excludes Zilla admins from the user's hierarchy reassignment list. Zilla admins and campaign monitors still retain the ability to reassign to any User.
Zilla PO Box / ZUS in the Cloud Update
Improved error handling and error messaging for On Premise AD PO Box sync.
Zilla Platform Update
Added ability to create service accounts with admin role.
September 16, 2024 Release (T-11)
Integrations Update
Updated our Checkly ZUS integration to support Checkly's new users page along. The integration is now also syncing the MFA value.
Zilla Comply Updates
Updated limiting permissions in review capabilities to support permissions with a "/" in the name.
Updated Zilla Comply to ensure pending revocations flag for the Default (account) permission are persisted for reporting.
Zilla PO Box / ZUS in the Cloud Update
ZUS in the Cloud now supports MFA based login with "Okta Identity Engine".
September 6, 2024 Release (T-10)
Integrations Updates
Updated the changed url for external users in the BOX ZUS integration recipe.
Added Oracle Peoplesoft to application library.
Updated our Miro ZUS Integration to support a change in Miro's APIs. The integration has been updated to ensure it syncs successfully with both ZUS and ZUS in the Cloud.
Updated Example URL in Config for SAP Gigya to be more generic, to highlight that it is only an example.
Updated the Crowdstrike API integration to show the role name instead of role id.
Zilla Comply Update
Removed Segregation of Duties filtering in campaigns when Segregation of Duties is not enabled.
September 3, 2024 Release (T-9)
Integrations Updates
New ZUS integration: ADManager Plus
Updated the Crowdstrike API integration to resolve a sync error.
Updated the post-processing for directory syncs to correctly resolve the "Has Manager" field in the Users table when the manager is removed in the source system.
Zilla Comply Updates
Updated Zilla Comply to support separate custom emails for campaign launch and campaign reminders. This feature requires assistance from Customer Support.
Campaigns have a new setting “Limit Review to Orphan Accounts” under “What to Review”. When this is set to “Yes - Limit review to accounts with missing or inactive users“, generating the campaign will result in only permissions belonging to accounts that do NOT have an active user being included in the review.
Campaigns have the new setting “Limit Review to Segregation of Duties Violations” under “What to Review”. When this is enabled, generating the campaign will result in only permissions with segregation of duties violation flags being included in the review.
Campaigns have a new option in the "Who Reviews" tab for "Allow Reviewers to Reassign Access Review Items": Yes - Limit reassignment to reviewers reporting organization. By selecting this option, reviewers can only assign to a user higher in their reporting organization OR a campaign monitor. Zilla admins and campaign monitors retain the ability to reassign to any User.
Enhanced Zilla Comply's Email Notifications to include the date/time when the notification will be sent.
August 27, 2024 Release (T-8)
Integrations Updates
Updated our AWS Organization API integration to optionally fetch a user's SSO status using the API without requiring a SCIM token. This requires an update to the zilla-sso-reader-policy, please see AWS Organization - API Integration for details.
Improved the robustness of our SharePoint V2 API integration.
Updated the Procurify API integration to handle the case when a user does not have a department specified.
Updated our Crowdstrike API integration to provide role IDs in the entities roles request.
Zilla PO Box / ZUS in the Cloud Updates
Added support for Jenkins to ZUS in the Cloud.
Updated the On Premise AD script in Zilla PO Box to correctly handle the groups sync.
Delinea On Premise Deployment via native APIs is now supported in Zilla PO Box.
August 20, 2024 Release (T-7)
Integrations Updates
New API integrations: Procurify, Vonage Contact Center, Dutchie
Updated our Crowdstrike API integration to map roles to their display name in the Crowdstrike UI.
Updated the handling of CSV file uploads such that the audit log will only show the CSV file, the parsed json file will no longer be stored. This will allow Zilla to support larger CSV files.
Renamed Outlook to ‘Microsoft Exchange Online’ and 'Azure Active Directory' to ‘Microsoft Entra ID’. This change does not impact the name of existing application instances in Zilla.
Zilla PO Box / ZUS in the Cloud Updates
Added support for SQL Server to Zilla PO Box.
Zilla Platform Updates
Added audit logs when an account has been mapped to a user both automatically and manually.
August 13, 2024 Release (T-6)
Integrations Updates
Updated our Snowflake API integration to support role names which contain a hyphen.
Updated our Adobe API integration to correctly sync groups in the case the type is not specified in the API response.
New ZUS integration: SAP Gigya
Updated the SAP Gigya ZUS integration to add a configuration parameter to allow admins to specify the URL where the Gigya users table is found.
Zilla PO Box / ZUS in the Cloud Updates
Updated ZUS in the Cloud to be able to customize which recipe(s) should be used during the sync for an application. This configuration requires assistance from Customer Support.
MongoDB is now supported in Zilla PO Box.
Oracle Database is now supported in Zilla PO Box.
Zilla Comply Updates
Updated Zilla Comply to save application specific campaign reports in addition to the complete PDF report. These app-specific reports can be found in the evidence download.
August 5, 2024 Release (T-5)
Integrations Updates
New API integration: Wurk
Enhanced the Okta API sync to better handle large numbers of users being synced.
Updated our GitLab API integration to focus on active projects and skip over resources which are archived or marked for deletion.
Updated the QuickBooks ZUS integration to support QuickBooks' new UI.
Updated our LinkedIn ZUS integration to support LinkedIn's new UI.
ZUS in the Cloud Updates
Added support for Metabase to ZUS in the Cloud.
Platform Updates
Added the ability for read-only Zilla Service Accounts to access the Zilla Accounts API endpoint.
Zilla Comply Updates
Updated Zilla Comply to ensure the number of pending revocations on a campaign's Report tab is accurate and does not include any permissions not marked as Pending Revoke on the application's Permissions tab.
July 30, 2024 Release (T-4)
Integrations Updates
Updated the Okta API integration to support Okta's policy endpoint changes.
Improved the AWS API integration retry mechanism as well as the error handling.
Zilla PO Box Updates
Updated the On Premise AD script file destination path.
Platform Updates
Updated bulk editing of available permissions for an application to refrain from clearing the setting to treat groups as permissions in the CSV sync case.
Zilla Comply Updates
Updated the review task view to replace "Comments" with "History". The History still includes comments but also includes all actions taken on the review item as well.
July 23, 2024 Release (T-3)
Integrations Updates
New API integration: Adobe (only supported for Adobe Enterprise Customers), see Adobe API Integration for details.
Updated our Salesforce API integration to correctly import permission descriptions.
Updated the Expensify ZUS integration to support syncing multiple workspaces and its members as groups and group members in Zilla.
Resolved an issue with the ZUS browser extension getting updated while a sync is in progress.
Deprecated the Threads ZUS integration, see Threads (Deprecated) for details.
Updated the ZUS integrations to include accounts as active when they only show up in a group membership.
July 12, 2024 Release (T-2)
Zilla Comply Update
Include escalation reassignment history in the review item comments. The statement includes both old and new assignees as well as the date/time.
Allow comments to be submitted and edited independently from taking a maintain/revoke/change action on a review item.
Support a custom message on the reviewer submission certification dialog. This feature requires assistance from Customer Support.
Respect the 'Allow Self Review' campaign setting over designated reviewers. If the setting is configured to disallow self review and a designated reviewer would result in a self review, the review item is assigned to the Technical Owner of the application.
Integrations Updates
Updated the Power BI API integration to sync all workspaces regardless of user access. This update requires the
Tenant.Read.Allscope, see Power BI for details.Updated our Grafana ZUS integration to support Grafana's updated UI.
Resolved an issue with csv uploads for syncing an application when a column contains the separator character.
July 8, 2024 Release (T-1)
Zilla Secure Update
Updated Zilla Secure permissions to allow application owners to view a finding for a policy.
Zilla Comply Update
Added a new setting to Zilla Comply campaigns to optionally enable revoking unreviewed permissions when the campaign is closed. This feature currently requires assistance from Customer Support.
Integrations Updates
Updated our AWS API integration to correctly capture the MFA status for the root account.
Updated our Okta API integration to optionally enable syncing roles assigned to applications.
Updated the Rivery API integration to correctly handle accounts in the EU region.
July 1, 2024 Release (S13)
Zilla Comply Update
Added a REST endpoint to allow downloading a campaign CSV report.
Integrations Updates
New ZUS integration: Kibana
New API integrations: Rivery, Hashicorp Vault
Updated the 1Password ZUS integration to correctly sync group memberships.
Updated our Jira API integration to create a group discovered during the sync even when there are no members in that group.
Zilla Platform Updates
Updated the login process to resolve an issue when multiple tabs are open with the Zilla application.
Updated the database drivers in the platform.
June 21, 2024 Release (S12)
Zilla Comply Update
Updated the campaign CSV and PDF reports to include the permission description as a column.
At campaign completion, ensure the CSV download is generated such that it includes all of the resolution data.
Integrations Updates
Added the ability to receive notifications when a sync fails. The Technical Owner of the application will receive the email notification. This feature requires assistance from the Customer Support team.
Updated our GCP V2 API integration to sync project and folder level group membership.
Updated the Gitlab API integration groups sync to support sub group and projects within sub groups.
Updated our Concur API integration to skip the user name attribute if it is not included in the Concur response.
June 14, 2024 Release (S11)
Integrations Updates
Updated our GCP V2 API integration to sync project and folder level group membership.
Updated our Concur API integration to enable users search to filter the users which get synced with Zilla.
Zilla Platform Updates
Added support for multiple SSO providers within a single tenant.
Updated caching to ensure string resources are updated in a timely manner.
June 7, 2024 Release (S10)
Zilla Comply Update
The Campaign Settings section of a campaign has a new look! Settings have been split between three tabs, see Creating an Access Review Campaign | Customizing campaign settings for details.
Updated Zilla Comply to include Last Login info in the campaign CSV and PDF downloads.
Zilla Secure Update
Zilla Secure has been updated to include both a saved search and a new out of the box policy specific to Snowflake to show/flag accounts with MFA status disabled.
ZUS Browser Extension Update
Updated the ZUS browser extension integration builder to optionally save the full web page (mhtml) when assistance is requested. Saving the full web page requires an additional temporary permission for the Chrome browser extension. Please note that Zilla will not change any of your data and will revert the permission once the web page has been saved. See the Sending screenshots and HTML section of Zilla Universal Sync (ZUS) Browser Extension - Collecting application data for details.
Integrations Updates
Our Snowflake API integration has been updated to import MFA status.
Updated our AWS API integration to skip importing permission descriptions in the case that SSO config was not set up in the AWS integration.
Updated our Blackline API integration to correctly paginate through the users.
Updated our NetSuite API Integration RESTLet script to sync permissions.
ZUS in the Cloud Updates
Updated ZUS in the Cloud syncs to support large datasets.
Zilla Platform Updates
Resolved six medium severity vulnerabilities discovered in an external Pentest.
June 3, 2024 Release (S9)
ZUS Browser Extension Update This change has been updated, see S10 release notes above.
Updated the ZUS browser extension integration builder to save a screenshot and HTML as soon as the builder is invoked. This requires an update to the browser extension and a new permission must be accepted. Please note that Zilla will not change any of your data. See Zilla Universal Sync (ZUS) Browser Extension - collecting application data | Re enabling/Upgrading the browser extension.
Integrations Updates
Updated the way groups are synced in API integrations to allow nested groups to be saved correctly.
Updated our Databricks API integration to add a new config parameter, "URL of your Databricks account". See Databricks for details.
Updated our AWS API integration to correctly import descriptions for permissions and permission sets into Zilla.
Zilla Comply Updates
Updated the Slack notifications for campaign completion. In the case there are revocations requested for a completed task, the following message will be sent, "We're letting you know that the access review was just completed. The revocations and changes have been sent to your ticketing system, please look there for the revocations you need to do."
Updated campaigns which enable Campaign Readiness to show the correct number of permissions defined for an application.
May 28, 2024 Release (S8)
ZUS in the Cloud Update
Updated Okta SSO MFA authentication to support both Okta classic engine and Okta identity engine.
Integrations Updates
New API integration: Blackline
New ZUS integration: Wistia
Updated our Mimecast API integration to create accounts for users which the client id and secret credentials cannot access.