January 15, 2021

Stay up to date on our latest software release updates.

At SailPoint we’re committed to innovation. From product improvements to breakthrough technologies, this page will highlight our IdentityIQ and File Access Manager release updates, as well as provide a preview of some of the great new features our team is currently working on.

SaaS Releases

Stay up to date on our SaaS product releases.

Connectors & Integrations

Find the latest information in our Connector Directory.

Forward Looking Statement

The development, release, and timing of any features or functionality described for our products that are not currently available remains at our sole discretion on a when, and if available, basis and may not be delivered at all and should not be relied on in making a purchasing decision.

Customer Influenced
Investment Theme
Product Version
Filter icon Filters:
File Access Manager API
8.2

“Classification Category” Filter in the Permission API Endpoint

Focus your queries and 3rd party integration on sensitive resources and specific categories with new API filter options.

File Access Manager Platform
8.2

.NET Core Migration

Leverage the power of the .NET Core platform with improved performance and scalability.

File Access Manager Connectivity
8.2

AWS S3 Bucket Connector

Extend your governance controls and processes to your Cloud Storage and AWS tenants, and remain secure through digital transformation efforts. Leverage File Access Manager’s Permissions Analysis, Access Reviews capabilities to resources and files stored on AWS S3 Buckets, and attain a comprehensive governance posture and greater visibility into access to data on S3 buckets throughout the organization.

Analyze access rights for AWS IAM Identities across multiple Regions, Organizational Units and External and Internal Accounts. Review granular access governance controls down to the file level. Users can also gain insight into Organization and Bucket-level Access Policies, Public Bucket Permissions and fine-grained ACL-based access rights for individual identities.

File Access Manager API
8.2

Add Usage Statistics to the Permissions API

Get information on unused access through the File Access Manager Permissions API, with new statistics added.

File Access Manager Configuration Administration
8.2

Administrative Capabilities to the Business Website

In the new File Access Manager Business Website, take advantage of the improved user experience, sleek interface and granular role-based control. Additionally, perform and delegate administrative operations such as configuring and managing SMTP Settings, Data Sources and Data Dictionaries with the new management screens.

File Access Manager Security & Authentication
8.2

Administrative Power-User Password Complexity Improvements

Enforce password security and complexity, when setting up the File Access Manager Super-User as part of the initial product installation. This prevents the risk of leaving this powerful account unsecure or the need to go back and change it later.

File Access Manager Application Onboarding
8.2

Application Configuration & Management Web Migration

A newly created Application Configuration Wizard and Management Screen has been migrated to the File Access Manager Business Website. Enjoy streamlined design and UX, a guided user journey through wizard hints, tagging and filtering capabilities, and delegate access with the improved RBAC.

The ability to create and manage applications, or perform operations on resources, can now be delegated to other users and Admins. They do not have to install the Legacy Client Application except for specific use cases.

The Application Configuration experience has been aligned with the new design of the Business website for easier administration and navigation between applications.

File Access Manager Security & Authentication
8.2

Business Website Single-Sign-On (SSO) Integration

Integrate File Access Manager with the Identity Provider of your choice with new support for all SAML-based SSO Services, in addition to the standard Windows Authentication.

Enjoy a smooth logging experience and seamless support for distributed and hybrid environments.

File Access Manager Standards & Compliance
8.2

Common Criteria Certification

After a rigorous evaluation process, File Access Manager received its official Common-Criteria Certification. Common Criteria is now the most widely accepted product security certification standard, required by governments and enterprises around the world to protect their mission-critical infrastructure and products. It is also required by the US Federal Government.

It ensures that the right security measures were taken into consideration and that rigorous processes and validations are taking place during:

  • The product’s development process
  • Its architectural design
  • Devising its deployment and delivery methodologies

This certification marks that File Access Manager complies with the highest industry standards in terms of:

  • Security
  • Product development life-cycle management
  • And deployment and delivery standards
File Access Manager Reporting Improvements
8.2

Hierarchical Resource Scope for Sensitive Data and Permissions Analysis Report Templates

With the new scoping ability, easily configure the scope of your File Access Manager reports by including and managing resource hierarchies.

File Access Manager Connectivity
8.2

Isilon Multiple Access Zone Support & Tenant Isolation

File Access Manager now offers Tenant Isolation and Full Capabilities for Multiple Access-Zones on Isilon Clusters.

With the addition of Activity Monitoring and Permission Collection capabilities for Multiple Access-Zones within an Isilon Cluster and removing the dependency on the Administrative (System)-Zone-based OneFS API, each Access Zone within the cluster functions as an independent Isilon Application within File Access Manager.

This enhancement marks the transition in approach from a Cluster-Oriented to a Zone-Oriented configuration. The new configuration will allow users to easily configure applications per Access Zone settings, now allowing for multiple Access Zones on the same cluster to be created with ease.

File Access Manager Connectivity
8.2

Linux Connector

Protect your mission-critical Linux servers, and ensure the integrity and continuous availability of the resources and unstructured data they rely on. File Access Manager’s new Linux Connector analyzes access rights, performs Access Requests and Certifications, and identifies and classifies sensitive information on your Linux systems, of all major distributions.

Through a single centralized view, this feature provides organizations with a comprehensive picture of effective data access privileges granted to users, accounts and groups from NIS and LDAP (AD) identity stores, as well as local accounts and identities.

File Access Manager’s approach will allow IGA admins and data owners to enforce governance controls, identify sensitive information, excessive privileges and overly-privileged accounts, detect overexposed or jeopardized resources, and assess risk. Then, preventive and mitigative actions can be taken to protect mission critical processes and resources.

File Access Manager Security & Authentication
8.2

OAuth-based Modern Authentication for O365 Connectors

Enjoy easier configuration and onboarding, improved performance, and increased security with your Cloud Applications!

  • OAuth-Based Modern Authentication is now available for SharePoint Online, Exchange Online, and the Azure AD Identity Collector and OneDrive.
  • File Access Manager supports Modern Authentication methods for all O365, and all cloud endpoints in our Connectivity Portfolio.
  • Legacy Authentication, which Microsoft is gradually aging out is no longer required.

With no credentials shared or stored, the risk of jeopardizing service accounts is reduced. You can impose Security Policies, such as Multi-Factor Authentication and Credentials Cycling, on service accounts with no additional effort just as you would for all other accounts. As part of this change, we also added support for multiple authenticated accounts to improve performance and avoid throttling quotas.

File Access Manager Resource Navigation
8.2

Resource Explorer – Web-based Resource Navigation

Easily navigate and manage Data Assets and Resources with the File Access Manager Web-based Resource Explorer.

Enjoy:

  • The File Access Manager Website slick user-experience
  • Global & Scope based just-in-time search with auto-complete
  • Resource Name & Full Path simultaneous matches
  • Breadcrumb trail & shortcuts for easier navigation
  • Paging & perpetual scroll
  • Improved performance & reduced clutter
File Access Manager Reporting Improvements
8.2

Resource Scoping and Ownership Filtering in the Stale Data Reports

Reduce your attack surface by defensively discarding unused information, and save storage cost and administrative overhead. Identify Stale Data and unmanaged resources that store unused files with the new capabilities to scope and filter your Stale Data Analysis reports. Zoom in on the most critical resources and identify those which no one is responsible for to highlight the areas you need to address first.

File Access Manager Reporting Improvements
8.2

System Usage Report

With the newly added System Usage Report, view and analyze aggregated usage statistics to help us learn what you like and dislike. This allows us to perfect the most used flows and correct the ones that aren’t as smooth.

File Access Manager Access Requests
8.2

Top Level Requestable Resource Labeling

With a new labeling feature, organize your requestable resources and simplify users’ access requests experiences. This will help make sense of complicated, duplicate, or unfriendly resource names, and allow you to conform to your organizations naming conventions and standards.

File Access Manager Business Website RBAC Enhancements
8.2

User Scope Change Management & Default Capability

The new User Scope Import capabilities allow change management and cumulative imports of resource scopes for business users, as well as a streamlined ownership assignment process, allowing you to assign Data Ownership Capabilities. This can be done by leveraging Manage Business Users visibility over time, simplifying users onboarding within the organization, and expediting deployment and adoption efforts.

For a quicker more intuitive onboarding, the default scope for the Auditor and Compliance Manager Capabilities have been adjusted to manage all resources by default.

IdentityIQ Cloud Governance
8.2

CAM Integration

IdentityIQ is integrating with Cloud Access Manager to provide visibility into and governance over IaaS platforms.

IdentityIQ Reporting
8.2

Reporting

Reporting needs continues to be of utmost importance to a compliant governance program. Many key improvements are being made to IdentityIQ reports.

IdentityIQ UX
8.2

Self-service Password Reset Improvements

Improvements to the self-service password reset flow are being made to streamline the user experience.

IdentityIQ Roles
8.2

Automated Role Discovery and Creation

Provides a seamless experience between role creation and role governance eliminating the need to export roles and insights via CSV.

IdentityIQ Rapid Setup
8.2

Rapid Setup

Continuing to build on Rapid Setup, we are working on adding Identity Processing Thresholds for Rapid Setup and non-Rapid Setup lifecycle events. We are also making improvements to OOTB Attribute Synch that will be tied to Rapid Setup to allow for capabilities such as staged event processing and better traceability of attribute synch events.

IdentityIQ Privileged Access
8.2

Enhanced Lifecycle Management of Privileged Access

IdentityIQ Privileged Access Management module is being improved to automate lifecycle management of the assignment and ownership of privileged access management.

IdentityIQ Access Requests
8.2

Support Business Justifications for Access Requests and Approvals

Administrators can optionally require that access requests and access approvals to specific roles, applications, or entitlements be accompanied by a business justification.

IdentityIQ Platform
8.2

Improved Active Directory Aggregation

AD aggregations will use the GUID instead of DistinguishedName as the uniqueID for improved accuracy.

IdentityIQ FAM Integration
8.1

Classifications for Sensitive/Protected Data Access

Protect the security and integrity of your access governance practice by using custom classifications to categorize and flag sensitive access. Classifications can alert you when requesting, granting, or approving roles or entitlements will give the user access to sensitive, protected, or otherwise significant data.

IdentityIQ FAM Integration
8.1

Integration with File Access Manager

Bring key data governance features to the IdentityIQ business user by integrating with File Access Manager. This integration puts a Data Governance menu and widgets on the IdentityIQ dashboard, providing direct access to the File Access Manager website and giving users the context needed to make informed access decisions.

IdentityIQ AI
8.1

Automated Approvals in Access Reviews

Add efficiency and speed to your approval process by allowing automatic approval of access based on recommendations from IdentityAI.

IdentityIQ AI
8.1

Localization of Recommendations

Expand the global use of IdentityAI recommendations for access requests or certifications, by presenting recommendation information in English, German, French, Dutch, Spanish, and Italian.

IdentityIQ Certifications
8.1

Certification Enhancements

Make the certification process clearer and more transparent for both reviewers and users by requiring reviewers to include comments when revoking access in a certification, and by showing more entitlement details to reviewers about the roles they are reviewing.

IdentityIQ Platform
8.1

Support for Google Cloud Platform

Hosting IdentityIQ within Google Cloud’s IaaS Platform is now a supported option.

IdentityIQ Platform
8.1

Alerts Expansion

New SCIM API for alerts, allowing the creation of new alerts (POST) and checking the status of existing alerts (GET).

IdentityIQ Access Requests
8.1

Access Management Enhancement

A new Quicklink configuration setting (“What can members remove?”) gives you flexibility and control over what users can view and remove on the Remove Access tab, when managing user access.

IdentityIQ Accessibility
8.1

Expanded 508/WCAG Compliance

The Edit Preferences page is now 508/WCAG compliant, and is enhanced with a user-friendly multi-tab format.

IdentityIQ Platform
8.1

Expanded OAuth Support

IdentityIQ now supports OAuth on all REST endpoints within IdentityIQ, including the Plugin Framework.

IdentityIQ AI
8.0

Artificial Intelligence for Guiding Access Decisions

Gain deeper visibility into managing the risks associated with user access, using the artificial intelligence and machine learning capabilities of SailPoint’s AI Services. A simple, out-of-the-box integration with AI Services gives you the power of artificial intelligence insights, providing guidance for decisions on access reviews and access request approvals.

IdentityIQ Access Requests
8.0

Automatic Deprovisioning of Expired Roles and Entitlements, with Notifications

Add security and efficiency to certifications by enabling the automatic deprovisioning of roles and entitlements when a temporary exception period expires. Manage time-limited access proactively by enabling email notification of impending sunsetting and deprovisioning of roles and entitlements.

IdentityIQ Access Requests
8.0

File Attachments in Access Requests

Add essential attachments such as training certificates or notarized authorizations to access requests. You can make attachments can optional or required, and use rules to define specific requirements.

IdentityIQ Access Requests
8.0

Responsive Approvals – UI Enhancements

An expanded default view for Approvals provides full information for all approval items, making it quick and simple for approvers to review and process access requests from a single page, without having to open each item individually to see details and take action.

IdentityIQ Platform
8.0

Plugin Framework Enhancements

Expanded plugin features include the ability to leverage classes contained in plugins from any area or feature of IdentityIQ where BeanShell can be used (such as rules, workflow steps, and scriptlets), and support for forms in the plugin configuration UI, giving you more ways to present complex or dynamic options in the plugin’s configuration page.

IdentityIQ UX
8.0

New Context-Sensitive Help

New context-sensitive help to Targeted Certifications, Access Reviews, and Access Requests.

IdentityIQ Administrator Tools
8.0

Changes to Logging

Support for version 2 of Log4j adds new logging capabilities (specifically, change listening), and changes the logging configuration file name and logging syntax.

IdentityIQ Administrator Tools
8.0

Support for Piped Commands in the IIQ Console

Filter or redirect IIQ console output using piping.

IdentityIQ Platform
8.0

OpenJDK Support

IdentityIQ version 8.0 supports OpenJDK.

IdentityIQ Reporting
8.0

New Reports for Capabilities

See how access to features within IdentityIQ are assigned to identities in your system, using new reports mapping identities and capabilities.

IdentityIQ UX
7.3

End user Experience Enhancements

Four of IdentityIQ’s most commonly-used user interfaces have been updated to be simpler, more intuitive, streamlined, and mobile-friendly: Access Reviews, Access Requests, Work Items, and Managing User Access.

IdentityIQ Accessibility
7.3

Accessibility: 508 and WCAG 2.0 Compliance

Users with disabilities such as visual and motor impairments now have enhanced accessibility in IdentityIQ’s UI, which follows worldwide WCAG 2.0 and United States 508 Compliance guidelines for keyboard navigation, focus control, screen reader support, and color contrast.

IdentityIQ Certifications
7.3

Certification Enhancements

Expanded options for self-certification give finer-grained control over who may validate their own access.

IdentityIQ Certifications
7.3

New Certification Type: Targeted Certification

Easily build flexible, full-featured certifications from an intuitive and user-friendly new UI that gives users more control over who, what, and when to certify.

IdentityIQ Administrator Tools
7.3

Environment Monitoring for Hosts and Applications

Track the health of both cloud-based and on-premise IdentityIQ environments and enjoy better visibility into the state of your environment using new monitoring and troubleshooting features.

IdentityIQ RPAs
7.3

Robotic Process Automation (RPA) Governance

Add robust governance of Robotic Process Automation (RPA or “bot”) identities using new controls and attributes to categorize identities by type.

IdentityIQ Privileged Access
7.3

Credential Cycling for Privileged Access Management

Make privileged access more secure and convenient by enabling applications that require a login and password to obtain that information directly from a PAM source at runtime.

IdentityIQ Policy
7.3

Effective Access SOD

Enforce separation of duties for effective entitlements using a purpose-built new policy type.

IdentityIQ Platform
7.3

Process Resiliency

New resiliency features help ensure that cloud-based implementations of IdentityIQ are resilient to the dynamic nature of cloud-hosted environments, and help on-premise implementations minimize the impact of outages, database failures, et cetera.

IdentityIQ Platform
7.3

Bulk Management of Applications

Onboard and manage applications in bulk using a new task that facilitates simple creation and maintenance of multiple applications.

IdentityIQ Administrator Tools
7.2

Task Management

Enjoy better visibility and control of tasks using a new new task management administrator UI. Monitor task status and performance, choose specific hosts for running tasks, and gather stack trace details.

IdentityIQ Administrator Tools
7.2

Application Maintenance Windows

Avoid unexpected downtime by setting maintenance windows for applications; you can specify when applications are taken offline for maintenance, preventing any interactions with the application’s target system.

IdentityIQ FAM Integration
7.2

SecurityIQ Target Collection

Gain a more complete a more complete picture of the access users have on unstructured resources like network file shares, SharePoint, cloud file stores, et cetera, by aggregating unstructured target permissions data from SecurityIQ into IdentityIQ.

IdentityIQ FAM Integration
7.2

SecurityIQ Alert Collector

Share valuable contextual information about processes between IdentityIQ and SecurityIQ by aggregating activity alert records from SecurityIQ, and use this data to trigger workflows, certifications, and/or notifications in IdentityIQ in response to those alerts.

IdentityIQ Policy
7.2

Policy Violation UI Enhancements

Processing violations is easier and more intuitive with a new Policy Violations user interface.

IdentityIQ Certifications
7.2

Access Review UI Enhancements

All Access Review UIs now use the enhanced and streamlined UI that was introduced in release 7.1.

IdentityIQ Access Requests
7.2

Track my Requests UI Enhancements

New enhanced, responsive UIs make tracking requests simpler and more intuitive for requesters and request owners.

IdentityIQ Platform
7.2

Plugin Framework Enhancements

Enhanced functionality for plugins includes internationalization, snippet support, Angular support, and the ability to implement your plugin as an IdentityIQ widget.

IdentityIQ Platform
7.2

Multi-factor Authentication

Make your IdentityIQ access more secure by adding multi-factor authentication.

IdentityIQ Platform
7.2

SCIM API Additions

Additional endpoints added to the IdentityIQ SCIM interface.