3.8.0 Release Notes

12 min

these release notes offer an overview of the enhancements, new features, and resolved issues incorporated into kron pam 3 8 0 for detailed instructions and information, please consult the reference guide contact us contact us at support\@krontech com please note that only registered users can contact the support team release summary below is a comprehensive list of the changes, additions, and fixes integrated into the 3 8 0 version of kron pam password vault the feature allowing each user to add accounts to their own private vault has been added the ability to access password vault accounts via the desktop client has been added the secondary security password feature has been added to password vault secrets manager aapm secrets management agent for kubernetes has been updated the ability to install the aapm secrets management agent in silent mode has been added a uipath plugin has been developed for secrets manager integration sdk support has been added for the net 2 0 standard version for secrets manager integration privileged session manager the ability to connect to the target device without displaying the vault account password has been enabled in the connect to target device feature improvements and bug fixes have been made to the time restriction policy configured for rdp connections improvements have been made to the redirection of users attempting to access unauthorized pages in the web session management feature improvements have been made in container mode in the web session management module options to connect with and without authscript in ssh/telnet connections have been added the ability to prevent a command from running for a specific period of time on a specific device cluster in ssh/telnet connections has been added a connection refresh button has been added for ssh/telnet connections made through the kron pam web portal secure remote access the ability to adjust the complexity of the passcode for secure remote access portal logins has been added for the secure remote access portal, if only one device and one credential option are available, the ability to automatically connect to the target device has been added improvements have been made to the mfa flow to require mfa at the secure remote access portal login kron pam desktop client & kron pam mobile app the ability to connect to the target device without displaying the vault account password has been enabled in the connect to target device feature the initial jailbreak/rooted phone check in the kron pam mobile app has been improved biometric login has been enabled for the kron pam mobile application the ability to enter comments has been added for approvers in the kron pam mobile application windows epm agent the agent database is now fully encrypted to ensure enhanced local data protection the agent database is accessible only by the agent service, providing improved data isolation and security basic remote update functionality has been added, allowing the agent to be updated directly from the pam system new and modernized screen designs have been introduced for the agent interface the agent’s folder is now protected against external attacks for improved resilience local logs of the agent can now be exported with a single click ssl certificate support has been added for secure communication between the agent and kron pam (previously, ssl certificates were not used) automatic restart capability has been added for agent services and the tray application process to ensure service continuity if they are unexpectedly stopped otp protection has been implemented for stopping the agent service—administrators must now provide their otp to stop the service linux epm agent new user interface screens have been developed for the linux agent the ability to block, elevate, or allow a process has been added, including detailed metadata for each action processes can now be elevated through either managerial approval or otp verification offline otp authorization has been added for elevation purposes offline otp authentication has been added for login purposes installation and uninstallation scripts have been updated for improved usability and reliability selinux compatibility has been added, with full support for red hat enterprise linux versions 8 and 9 a realm check disable option, similar to the windows agent, has been introduced local user blocking has been added, with the ability to define exceptions as needed a new restricted host feature has been added to enhance control over host access policies privileged task automation information regarding the task's status has been added to privileged task automation the error in sending privileged task automation logs to the siem server has been fixed threat analytics performance improvements have been made on the user behavior analytics menu the error in sending threat analytics logs to the siem server has been fixed ui/ux improvements have been made to the threat analytics dashboard and configuration pages reporting ux improvements have been made on the database audit report and database vulnerability scanner screens multitenancy the feature to monitor other tenants' license usage in the host tenant has been added platform features the ability to set a maximum duration for managerial approval requests has been added the ability to approve or reject managerial approval requests via email when the manager is offline has been added buttons have been added to open menus in a new tab search issues in the user authentication logs menu have been resolved policy group information has been added to the policy tracking menu integration support for dirak hsm has been added the ability to export from the realms page has been added custom search filters set on the user, device, and vault screens are now stored in the user cache so they remain selected each time they are used the ability to add custom columns to the user, device, and vault screens and save selections as user specific settings has been added ui improvements have been made in the backup management menu ux improvements have been made to the policy key menu to enable the listing of policy keys and searching between keys ui improvements have been made when adding sms integration parameters the remote app menu has been improved in terms of iu/ux an approval step has been added for the record deletion steps ui/ux improvements have been made for element type properties options connector node information used for the connection has been added to the session log search results added temporary policy feature for tacacs+ server the comment field for connection reservation has been made mandatory