Subscribe to all Changelog posts via RSS to stay updated on everything we ship at Nudge Security.
We’ve enhanced Nudge Security’s OAuth management functionality with the ability to take bulk actions to audit and revoke OAuth grants. Now, you can multi-select any Google and Microsoft OAuth grants and choose to either auto-revoke them or send a nudge to the employees who created the OAuth grants asking them to review whether or not they are still needed.
‍
If a user selects the nudge response indicating that they’re still using the application, Nudge Security will simply record their response under Nudge History. If a user replies that the grant is no longer needed, the grant will be revoked automatically.
‍
We’ve added new filters to help you navigate the OAuth grants in use at your organization. Now, you can filter grants by authorizing application, type, risk, permissions, user account status, admin privileges, or OAuth grant status. For example, you can use filters to quickly find high-risk OAuth grants, or OAuth grants from suspended or disabled users.
‍
‍
We’ve added a custom field to nudges, allowing you to send a note to your employees any time you send a nudge. This allows you to add any contextual information that might help your users with a specific nudge.
‍
You may have specific employees who you want to opt out of receiving nudges, such as senior executives or contractors.Â
‍
We’ve introduced a way to make sure these users won’t receive nudges going forward. Under Organization Settings, you can create a list of users to opt out of nudges. Take a look in the interactive demo below.
‍
‍
We've added a new dashboard to help you understand what AI tools are in use at your organization and who is using them.
‍
Now, you can:Â
‍
Read today’s blog to learn more or check out our interactive demo below.
‍
We've added a new filter to help you view your employees' accounts by authentication type to see how they're accessing different apps. For example, you might want to look at all accounts created with a username and password, meaning the logins aren't unmanaged by your organization. You can also filter by authentication methods such as Okta, Azure, Google Workspace, Slack, Office, and Github.
‍
Certain playbooks in Nudge Security may send more than one nudge to the same employee. For example, when you run the playbook to remove abandoned accounts, some employees might have accounts with several of the apps you choose to audit. Previously, they would receive a nudge for each application.Â
‍
Now, when the same nudge applies to multiple apps, we’ll consolidate them into one Slack message or email to help cut down on notifications for your employees. The interactive demo below will show you what your users will see in either situation.
‍
We've improved the information we provide for each application account by adding more detail around the authentication methods used by the application. For each account, we are adding insights about which authentication methods are used, the last activity, and the MFA status for each of them. The authentication methods include accounts being accessed via SSO providers like Okta or Azure AD, and Oauth (such as sign-on with Google or Microsoft), as well as accounts created via username and password. We’ve also added the ability to filter accounts by authentication type.
‍
We’ve added three new ways for you to customize the nudges you send to your employees. Now, you have the option to:
‍
Nudge Security has added a new filter enabling you to filter apps by technical contact. Now, you can see a list of all applications assigned to a particular technical contact and, if needed, edit them in bulk to reassign them.
‍
‍
