22 August 2025

SailPoint Identity Security Cloud – New Updates

Key Highlights from this latest release:

 

  • BeyondTrust Password Safe On-Premise Integration: Identity Security Cloud now supports the BeyondTrust Password Safe (On-Premise) credential provider for Secrets Management. This enables credential cycling directly from BeyondTrust, providing stronger security and streamlined password management.

 

  • Workflows – Execution Playback:
    A new execution playback feature has been introduced for Workflows. Administrators can now play back workflow execution logs in the same format as Test Workflow, viewing input/output data step by step. Even if the workflow has been modified since execution, playback restores the original configuration for accurate review and troubleshooting.

 

For the full release notes, visit: https://community.sailpoint.com/t5/SaaS-Release-Notes/tkb-p/saas-release-notes



6 August 2025

CyberArk: CA25-28 – Potential session hijacking, allowing unauthorized access to an authenticated Secure Infrastructure Access (SIA) user’s session

Issued: August 06, 2025

Updated: N/A

Version: 1.0

Severity: High

CVSS Score: 8.1

Third-party publication / CVE: N/A

Impact: Potential session hijacking, allowing unauthorized access to an authenticated Secure Infrastructure Access (SIA) user’s session.
 

Affected products and versions:

  • Secure Infrastructure Access: The following SIA connection types are affected when accessed by users authenticated via a federated identity provider (external IdP):
    • SIA-RDP
    • SIA-SSH

* This Security Bulletin applies only to the listed affected products. If this issue also affects another CyberArk product, it will be addressed separately in accordance with CyberArk’s Product Vulnerability Management Policy.

** Relates only to versions that are within their development life cycle. Refer to our End of Life policy for details.

 

Resolution: To address this, connections via Secure Infrastructure Access (SIA) now include an additional, optional authentication factor.

After the initial authentication step, users will be prompted to enter a PIN code in the native client, as part of the SIA authentication flow.

To enable the additional authentication factor, follow the steps below:

  1. Log in to the Identity Administration portal.
  2. Navigate to: Core Services → Policies
  3. Choose an existing policy to edit or click Add Policy Set to create a new one.
  4. Navigate to: Authentication Policies → CyberArk Identity Security Platform
  5. Set the drop-down menu Enable authentication policy controls to Yes.
  6. Check the box for Enable PIN code protection for native clients.
  7. Click Save.

It’s important to note that even if the flag is already enabled, you still need to click ‘Save’ for the new flow to apply.

 

Temporary mitigation:

There is no temporary mitigation available for this security bulletin.



28 July 2025

BeyondTrust: CVE-2025-2297 & CVE-2025-6250

We would like to inform you about two recently published high-severity vulnerabilities in Privilege Management for Windows.

 

Summary

  • CVE-2025-2297: This high-severity vulnerability in Privilege Management for Windows allows for a local authenticated attacker to elevate privileges.

  • CVE-2025-6250: This high-severity vulnerability in Privilege Management for Windows allows for a local authenticated attacker with elevated privileges to bypass anti-tamper protections.

 

Who May Be Impacted

Privilege Management for Windows customers on versions prior to 25.4.270.0.

 

Resolution and Mitigation

Both vulnerabilities have been addressed in Privilege Management for Windows 25.4.270.0. At the time of the CVE’s release on July 28th, all cloud tenants will have been upgraded to 25.4. Customers can push version 25.4.270.0 to clients to remediate this vulnerability.

 




25 July 2025

SailPoint: Identity Security Cloud Production release notes

Product and Feature enhancements:

 

Machine Identity Security:

  • Users can now opt out of the Machine Account Discovery feature by disabling it on the System Features page.

Connectivity – Jack Henry:

  • The Jack Henry connector now supports Symitar 2024.

Connectivity – Snowflake:

  • The Snowflake Connector can now aggregate database roles as entitlements. It can also assign and revoke database roles at the account level.

Identity Security Cloud – Core Access Model:

  • Standard criteria for role assignments have been enhanced as follows to provide an improved administrative experience and greater flexibility in assigning roles:
    • A Does Not Contain operator has been added for Identity and Account attribute expressions.
    • The ability to compare against a list of values in a single criteria statement has been added. For example, you could evaluate if a user’s department is EQUAL to Accounting, Finance, or Accounts Payable in a single statement.
    • The >, >=, <, and <= numeric operations have been added to account attribute expressions.
    • Issues with boolean comparisons evaluating null values as FALSE have been resolved.

 

Fixes:

 

Identity Security Cloud – Core Access Model (SAASTRIAGE-8724):

  • Fixed an issue where source attributes were not displaying on the Entitlement Details page.

Connectivity – Active Directory (CONETN-5109):

  • The Active Directory connector no longer throws an error when using a gMSA account if the same service account is being used for multi-domain or multi-forest configurations.

 

Further details available from the Compass Community site here: SaaS Release Notes – Compass