Check out the highlights from our most recent update, Platform Release 698. This release contains 449 items including new features, improvements, and bug fixes. See the highlights below. For a full rundown, check out the complete Release Notes here.
Dashboard & Analytics
Identify Risks Early with the New Insider Threat Dashboard
We have added a new Insider Threat Dashboard under the Dashboards menu.
The Insider Threat Dashboard shows you a summary of organizational risks. You can view risks by rule type, risk scores by rules, risks by departments, top risky employees, etc. You can click on a graph to drill down to individual risks, rules, and users.
Behavior Policy & Rule
Assign Risks to Rules with the New Classification Tags
We have added a few built-in tags to the rules. These can be selected from the MARK THIS POLICY WITH TAGS TO IDENTIFY ITS PURPOSE field on a rule’s General tab.
The tags are used on the Insider Threat Dashboard.
Security & Account Management
Better Manage the Security of Your Account with the 2FA Enhancements
We have introduced a number of changes and new options to the 2-Factor Authentication. These include:
Email-Based 2FA Verification
We have introduced an option to support email-based 2-Factor Authentication.
You can enable the feature by turning on the Settings > Security > ENABLE MFA VIA EMAIL option. You can then enable/disable the email 2FA option from your profile.
2FA Trusted Device
We have added an option, Trust this device for 15 days to the 2-Factor Authentication screen. If the option is enabled, you will not be asked for a 2FA code for 15 days.
You will be able to use this option on multiple devices (each with its own time period) and for both Authenticator App and Email authentications.
2FA Enrollment Timeout
We have added a timeout feature on the 2FA enrollment screen. The user will have to set up the 2FA before this timeout expires.
The timeout value is taken from the Settings > Security > IDLE TIMEOUT field.
If the timeout is expired and the user hasn’t set up the 2FA, they will be logged out. The event will be recorded in the System > System Log and the BI Reports > Audit reports as a Logout/Time left event.
SSO vs 2FA Exclusivity (Cloud)
Previously, 2-Factor Authentication was always enforced on Cloud deployments. Now, you can disable it if you enable the Single Sign On (SSO) authentication. You can configure them on the Settings > Security screen under the Dashboard authentication section.
Get More Information About Your Instance (Cloud)
Sometimes, Teramind may add additional servers to your Cloud instance for better performance and load balancing. However, previously the My Account > Server & Port tab would only show the primary server.
We have made changes so that it will now show all the attached servers.
System Settings & Configurations
Configure the Daily Digest Email According to Your Needs
You can now configure what sections will be displayed on the Daily Digest/Snapshot email from the Settings > Daily Digest Alerts screen.
Get Consent from the User to Conform with Privacy Regulations
We have added an option, USER CONSENT AGREEMENT TEXT to the Settings > Login Screen. This will allow you to specify any text with formatting and styles.
The user will have to accept the agreement before they are allowed to log into the Dashboard.
New API Additions and Improvements
Get a User’s Details Using Email or Agent ID
We have added a new API GET command to get a user’s profile via their email address.
The command is:
https:///tm-api/agent/ ?fileds=field1,field2...fieldN
Example 1 (Using Email Address):
https://acme.teramind.co/tm-api/agent/[email protected]?fileds=agent_id,first_name,last_name,department_id
Example 2 (Using Agent ID):
https://acme.teramind.co/tm-api/agent/49?fileds=first_name,last_name,department_id,email_address
If the fields
variable isn’t specified, the entire profile will be returned.
Get Automated Download Links for the Agent (Cloud)
We have recently changed how the Agent download links are generated for better security. The links now have an expiry time (7 days) and are generated on demand.
We have added an API command, tm-api/download/links?fullPaths=true
that can be used with a GET method to retrieve the download links of the latest versions of the Agent.
More information about the download links and API can be found in this Knowledge Base article.
Agent Improvements
Monitor Modern Websites with Support for the HTTP/2 Protocol
Many websites are gradually moving towards the HTTP/2 protocol as it improves website performance, optimizes resource usage, and reduces browsing latency.
We have added support for this HTTP/2 protocol.
Get the Most Out of Your Endpoints with the Latest Agent Updates
Upgrade to the latest version of the Agent to get the following benefits:
Optimized CPU Usage on Non-Persistent VDI
We have made some changes to the input monitoring module that’s responsible for tracking keystrokes and mouse activities. The changes will improve the CPU usage (4% – 8% on average) on a non-persistent VDI.
Improved Performance when Registry not Monitored
We have made some changes to the Teramind File System Driver (tmfsdrv2) that will help improve the performance of the overall system when registry monitoring isn’t needed (e.g., when not using any WINDOWS LOG EVENT rules).
Improved Compatibility with Zscaler
We have made some changes to the Agent so for users of Zscaler this will remove OS performance issues and improve startup time.
Mac Updates
Prevent Data Exfiltration with Files Content Sharing Rules
We are adding support for the Files Content Sharing rule type on Mac. With support for this rule type, you will be able to create a rule like the one below.
Check out the Content Tab and Files sections under Content Sharing Rules: What Contents Trigger the Rules (Windows)? on the Rules Guide for more information.
Track Anonymous Browsing with the Private Mode Rule Criterion
We have added support for the Private Mode rule criterion of Webpages Activity Rules on Mac. You can now create a rule like the one below to detect private browsing.
Note that the feature is supported only on the Safari browser at the moment.
View the Status of OS Permissions Right from the Dashboard
The Mac Agent requires some OS permissions to operate properly. Without these permissions, you might encounter missing activities/screen recordings, etc. Previously, there was no easy way for you to check if these permissions were enabled for the Agent.
You will now be able to view what Mac permissions are enabled/disabled from the Computers > Computer’s Details screen.
Other New Features & Improvements
There are a lot more changes packed into this release with several enhancements to the web and server components. Below is a summary of some of these improvements. Check out the full list here to get the details.
Dashboard and Reports Improvements
- We have updated the ONLINE EMPLOYEES dashboard widget so that it now properly displays all the information in a streamlined way.
- We have migrated the Productivity > Overview report so that it will now use the same data sources as the BI Reports.
- Finally, we have added support for the latest LinkedIn API ensuring proper parsing of the Monitoring/BI Reports > Social Media report.
Server Improvements
- We have improved the mechanism of acquiring database connections and use fewer of them to avoid performance penalties and potential deadlocks.
- We have optimized the DB connection usage time when getting the computer and agent information speeding up the authentication process.
- We have moved the SIEM events into their own threat reducing the load on the main thread and preventing server hangs/crashes due to the SIEM server’s unavailability or a bad network connection.
- We have integrated new geofence data for cities increasing city name detection accuracy and eliminating issues related to missing/inaccurate city/country names.