Release Notes December 2024
- 04 Dec 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Release Notes December 2024
- Updated on 04 Dec 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Here's a summary of the changes coming on December 11th.
If you only read one thing: Nested Entitlement Access Graph!
New Features
Nested Entitlement Access Graph
We are introducing a new visualization for nested access.
Many teams struggle with understanding the scope of their nested access, what’s nested, who has access to downstream groups, and generally just the complexity of understanding “who has access, and is it appropriate”. Active Directory in particular has this issue in spades, as it’s quite difficult to get full visibility between domains or where deep nesting is in place.
Clarity now has a new graph visualization that can help answer those questions!
For a given peice of access, you can see both “how can I get this entitlement” and “what does this entitlement give me”. You can also click to inspect, and view who has access to any of the entitlements on the graph without leaving the page.
For a team working on a complex AD cleanup project, this will be a huge accelerator when combined with Clarity's unique “entitlement-entitlement” access review type, which allows you to review the nesting and create remediation plans for access that isn’t required.
New Feature: Automated CSV Ingest
Periodic uploads of CSV data are a critical stopgap for applications that don’t have an effective API or database integration point. Clarity now supports ingesting CSV data periodically from the Clarity file store. This is an improvement over prior CSV ingestion through the UI.
Contact your Clarity implementation engineer for details on how to leverage our API for this feature.
New Feature: Application Sync Audit / Export!
It’s now possible to review both the status of any given sync from an application, but also the complete dataset after Clarity processing for that single sync. This data was not previously visible to Clarity admins, and can be a huge help for troubleshooting integration status or verifying completeness and accuracy.
Ongoing Improvements
Improved Role Mining and Management!
Roles are a huge component of Clarity Lifecycle management capabilities. They are automated, allow easy discovery of common access, and can simplify on-boarding massively. We’ve made a few improvements here:
Roles now display inherited access based on what’s nested below the direct assignment entitlements giving visibility to the full access granted by the role
Roles can be individually purged and automatically rebuilt without impacting other roles, much better for small changes or cleanup projects
You can now easily discover "new" access within roles without otherwise changing the role (Ex. after a new app is connected)
It’s also easier than ever to remove entitlements from a current role.
Self-Host is now a deployment Option!
For customers interested in hosting Clarity on their own infrastructure within their firewall or on their own VPC, it’s now possible! Clarity will provide an image that can be deployed on standard server infrastructure. For security conscious teams, this can be a huge advantage:
It puts Clarity under your complete control
No 3rd party data or audit dependencies required (all under your infrastructure audits)
Please contact sales@claritysecurity.com if you are interested in this option.
Version 1.6.1.0
Was this article helpful?
