15 1 月, 2021

Stay up to date on our latest software release updates.

At SailPoint we’re committed to innovation. From product improvements to breakthrough technologies, this page will highlight our IdentityIQ and File Access Manager release updates, as well as provide a preview of some of the great new features our team is currently working on.

SaaS Releases

Stay up to date on our SaaS product roadmap.

Connectors & Integrations

Find the latest information in our Connector Directory.

In Discovery

SailPoint customers can participate in research for ideas In Discovery.

Forward Looking Statement

The development, release, and timing of any features or functionality described for our products that are not currently available remains at our sole discretion on a when, and if available, basis and may not be delivered at all and should not be relied on in making a purchasing decision.

Customer Influenced
Investment Theme
Product Version
Filter icon Filters:
File Access ManagerConfiguration Administration
8.3

Activity Data Persistence

File Access Manager 8.3 allows for the data persistence decoupling between the Elasticsearch and SQLServer stores. Administrator now have more granular control over storing and clearing activity data, from the SQLSever backup location, reducing maintenance overhead and storage requirements and improving maintenance performance.
IdentityIQBusiness Process Improvements
8.3

AD Move/Rename

When a native change to an Active Directory account or group alters that object’s Distinguished Name, IdentityIQ will update the DN on aggregation, and propagate the change to locations the DN is referenced throughout the product.
File Access ManagerConnectivity
8.3

AWS S3 Connector Federated Accounts Support

File Access Manager S3 Connector extends data governance controls to Amazon Cloud Storage and AWS tenants leveraging File Access Manager’s Permissions Analysis and Access Governance capabilities to manage resources and files stored on AWS S3 Buckets, and attain a comprehensive security posture and greater visibility. File Access Manager 8.3 extend the S3 Connector to enrich governance processes with federated identity information – by Associating Active Directory Accounts – AD Users and Groups – with their Effective Access to AWS S3 Bucket resources. Gain Visibility into identities access to S3 resources directly or through nested group hierarchies, and map identities to their IAM & SAML assumed roles through pattern-based and direct mapping – supporting all major IdPs role mapping.
File Access ManagerConnectivity
8.3

Azure File Connector

File Access Manager now extends data governance controls to Azure Files Storage and Azure tenants, through its new Azure Files Connector. Leverage File Access Manager’s Permissions Analysis, Data Classification and Access Governance capabilities to manage, protect and govern resources and files stored on Azure Files, and attain a comprehensive security posture and greater visibility into access to data on your Azure Storage throughout the organization – before, during and after migrations. Analyze effective access rights for federated identities; Classify sensitive information and highly regulated data, and enforce granular access governance controls and processes on your cloud storage.
File Access ManagerConfiguration Administration
8.3

Business Website Custom IIS Settings

File Access Manager 8.3 allows Administrators to configure custom IIS settings, such as setting the Business Website’s Name, Port, and Location setting, through an easily configurable system-wide setting. These configuration available through the File Access Manager Server Installer, allow administrators to support secure-deployment best practices, and avoid default naming conventions and settings.
File Access ManagerData Classification
8.3

Data Classification Enhancements

Several updates to Data Classification Policies and Rules are included with the File Access Manager 8.3 release, including updates to the GDPR, ICD and PII policies, and updates to the EU Phone Number rules, IBAN , and Canadian SIN# verification algorithms, Credit Card regular expression, and updated ICD Terms based on new WHO definitions. In addition, the Sensitive Data reports maximum size limitation was adjusted to the system wide maximum report size setting, with a maximum cap of 1M records.
File Access ManagerData Privacy
8.3

DSAR Campaign Workflows

Automated workflows addressing Privacy compliance requirements – such as the GDPR and CCPA right-of-access and right-to-be-forgotten – enable quick collaborations, instantaneous search results for PII data and automated verifications, and allows Privacy professionals to track and manage progress and execution performance. The Automated DSAR campaign workflows, including data discovery and reviews that address complex compliance requirements, enable quick collaboration, and cut processing time for requests from weeks to minutes. File Access Manager new AI-driven Data Privacy engine offers advances classification capabilities with NLP based contextual detection of PII data, in addition to existing classification.
IdentityIQBusiness Process Improvements
8.3

E-Signature

E-Signature: Allows configuration of Electronic Signature to use SAML when electronically signing an Access Request or Certification.
IdentityIQPrivileged Access
8.3

Elevated Access

Roles and Entitlements can be classified as Elevated Access. This provides clearer visibility when requesting, certifying, or approving the role or entitlement. This ensures that these items will be treated with greater care and can be used for reports or custom workflows.
File Access ManagerConnectivity
8.3

Google Workspace G-Drive Shared Drive Support

Extend the full File Access Manager capabilities to Google Drive Shared Drives. Enjoy full governance coverage, granular access analysis. and sensitive data analysis to these critical collaborative cloud spaces, and extend Monitoring and Forensics capabilities for External Sharing Activity to help mitigate the risk involved in such activities and collaborations.
IdentityIQBusiness Process Improvements
8.3

Microsoft Teams Integration

Allows notifications from IdentityIQ, which might otherwise be sent as emails, to be delivered to directly to users in their Microsoft Teams environment. Any IdentityIQ notification template can be sent as a Microsoft Teams notification and can include a link to the relevant area or action within IdentityIQ.
IdentityIQRoles
8.3

Role Management

Understand and analyze the access that is directly or indirectly granted through your Role model with entitlement-based role filtering across the product. Keep your Role model up-to-date via new filter options for missing/invalid entitlements or applications.
IdentityIQAI
8.3

Role Recommendations for Approvals and Certifications

In Access Requests, see which Roles are recommended for the selected user based on peer-group analysis and machine learning. Approvers will see that the requested Role was recommended, as well as the reason for the recommendation. Recommendations are also available for certification reviewers.
File Access ManagerConfiguration Administration
8.3

Unattended Collectors Installation

The File Access Manager Collector Bulk Installer, allows for an unattended and bulk installation for Windows Permission Collection and Data Classification Collectors as well as File Server Activity Monitors. These unattended installation capabilities simplifies large scale and hands-free deployment and can leveraged by automation tools to automate deployments.
File Access ManagerPlatform
8.2

.NET Core Migration

Leverage the power of the .NET Core platform with improved performance and scalability.
File Access ManagerAPI
8.2

“Classification Category” Filter in the Permission API Endpoint

Focus your queries and 3rd party integration on sensitive resources and specific categories with new API filter options.
File Access ManagerAPI
8.2

Add Usage Statistics to the Permissions API

Get information on unused access through the File Access Manager Permissions API, with new statistics added.
File Access ManagerConfiguration Administration
8.2

Administrative Capabilities to the Business Website

In the new File Access Manager Business Website, take advantage of the improved user experience, sleek interface and granular role-based control. Additionally, perform and delegate administrative operations such as configuring and managing SMTP Settings, Data Sources and Data Dictionaries with the new management screens.
File Access ManagerSecurity & Authentication
8.2

Administrative Power-User Password Complexity Improvements

Enforce password security and complexity, when setting up the File Access Manager Super-User as part of the initial product installation. This prevents the risk of leaving this powerful account insecure or the need to go back and change it later.
File Access ManagerApplication Onboarding
8.2

Application Configuration & Management Web Migration

A newly created Application Configuration Wizard and Management Screen has been migrated to the File Access Manager Business Website. Enjoy streamlined design and UX, a guided user journey through wizard hints, tagging and filtering capabilities, and delegate access with the improved RBAC.

The ability to create and manage applications, or perform operations on resources, can now be delegated to other users and Admins. They do not have to install the Legacy Client Application except for specific use cases.

The Application Configuration experience has been aligned with the new design of the Business website for easier administration and navigation between applications.

IdentityIQRoles
8.2

Automated Role Discovery and Creation

Provides a seamless experience between role creation and role governance eliminating the need to export roles and insights via CSV.
File Access ManagerConnectivity
8.2

AWS S3 Bucket Connector

Extend your governance controls and processes to your Cloud Storage and AWS tenants, and remain secure through digital transformation efforts. Leverage File Access Manager’s Permissions Analysis, Access Reviews capabilities to resources and files stored on AWS S3 Buckets, and attain a comprehensive governance posture and greater visibility into access to data on S3 buckets throughout the organization.

Analyze access rights for AWS IAM Identities across multiple Regions, Organizational Units and External and Internal Accounts. Review granular access governance controls down to the file level. Users can also gain insight into Organization and Bucket-level Access Policies, Public Bucket Permissions and fine-grained ACL-based access rights for individual identities.

File Access ManagerSecurity & Authentication
8.2

Business Website Single-Sign-On (SSO) Integration

Integrate File Access Manager with the Identity Provider of your choice with new support for all SAML-based SSO Services, in addition to the standard Windows Authentication.

Enjoy a smooth logging experience and seamless support for distributed and hybrid environments.

IdentityIQCloud Governance
8.2

CAM Integration

IdentityIQ is integrating with Cloud Access Manager to provide visibility into and governance over IaaS platforms.
File Access ManagerStandards & Compliance
8.2

Common Criteria Certification

After a rigorous evaluation process, File Access Manager received its official Common-Criteria Certification. Common Criteria is now the most widely accepted product security certification standard, required by governments and enterprises around the world to protect their mission-critical infrastructure and products. It is also required by the US Federal Government.

It ensures that the right security measures were taken into consideration and that rigorous processes and validations are taking place during:

  • The product’s development process
  • Its architectural design
  • Devising its deployment and delivery methodologies

This certification marks that File Access Manager complies with the highest industry standards in terms of:

  • Security
  • Product development life-cycle management
  • And deployment and delivery standards
IdentityIQPrivileged Access
8.2

Enhanced Lifecycle Management of Privileged Access

IdentityIQ Privileged Access Management module is being improved to automate lifecycle management of the assignment and ownership of privileged access management.
File Access ManagerReporting Improvements
8.2

Hierarchical Resource Scope for Sensitive Data and Permissions Analysis Report Templates

With the new scoping ability, easily configure the scope of your File Access Manager reports by including and managing resource hierarchies.
File Access ManagerConnectivity
8.2

Isilon Multiple Access Zone Support & Tenant Isolation

File Access Manager now offers Tenant Isolation and Full Capabilities for Multiple Access-Zones on Isilon Clusters.

With the addition of Activity Monitoring and Permission Collection capabilities for Multiple Access-Zones within an Isilon Cluster and removing the dependency on the Administrative (System)-Zone-based OneFS API, each Access Zone within the cluster functions as an independent Isilon Application within File Access Manager.

This enhancement marks the transition in approach from a Cluster-Oriented to a Zone-Oriented configuration. The new configuration will allow users to easily configure applications per Access Zone settings, now allowing for multiple Access Zones on the same cluster to be created with ease.

File Access ManagerConnectivity
8.2

Linux Connector

Protect your mission-critical Linux servers, and ensure the integrity and continuous availability of the resources and unstructured data they rely on. File Access Manager’s new Linux Connector analyzes access rights, performs Access Requests and Certifications, and identifies and classifies sensitive information on your Linux systems, of all major distributions.

Through a single centralized view, this feature provides organizations with a comprehensive picture of effective data access privileges granted to users, accounts and groups from NIS and LDAP (AD) identity stores, as well as local accounts and identities.

File Access Manager’s approach will allow IGA admins and data owners to enforce governance controls, identify sensitive information, excessive privileges and overly-privileged accounts, detect overexposed or jeopardized resources, and assess risk. Then, preventive and mitigative actions can be taken to protect mission critical processes and resources.

File Access ManagerSecurity & Authentication
8.2

OAuth-based Modern Authentication for O365 Connectors

Enjoy easier configuration and onboarding, improved performance, and increased security with your Cloud Applications!

  • OAuth-Based Modern Authentication is now available for SharePoint Online, Exchange Online, and the Azure AD Identity Collector and OneDrive.
  • File Access Manager supports Modern Authentication methods for all O365, and all cloud endpoints in our Connectivity Portfolio.
  • Legacy Authentication, which Microsoft is gradually aging out is no longer required.

With no credentials shared or stored, the risk of jeopardizing service accounts is reduced. You can impose Security Policies, such as Multi-Factor Authentication and Credentials Cycling, on service accounts with no additional effort just as you would for all other accounts. As part of this change, we also added support for multiple authenticated accounts to improve performance and avoid throttling quotas.

IdentityIQRapid Setup
8.2

Rapid Setup

Continuing to build on Rapid Setup, we are working on adding Identity Processing Thresholds for Rapid Setup and non-Rapid Setup lifecycle events. We are also making improvements to OOTB Attribute Synch that will be tied to Rapid Setup to allow for capabilities such as staged event processing and better traceability of attribute synch events.
IdentityIQReporting
8.2

Reporting

Reporting needs continues to be of utmost importance to a compliant governance program. Many key improvements are being made to IdentityIQ reports.
File Access ManagerResource Navigation
8.2

Resource Explorer – Web-based Resource Navigation

Easily navigate and manage Data Assets and Resources with the File Access Manager Web-based Resource Explorer.

Enjoy:

  • The File Access Manager Website slick user-experience
  • Global & Scope based just-in-time search with auto-complete
  • Resource Name & Full Path simultaneous matches
  • Breadcrumb trail & shortcuts for easier navigation
  • Paging & perpetual scroll
  • Improved performance & reduced clutter
File Access ManagerReporting Improvements
8.2

Resource Scoping and Ownership Filtering in the Stale Data Reports

Reduce your attack surface by defensively discarding unused information, and save storage cost and administrative overhead. Identify Stale Data and unmanaged resources that store unused files with the new capabilities to scope and filter your Stale Data Analysis reports. Zoom in on the most critical resources and identify those which no one is responsible for to highlight the areas you need to address first.
IdentityIQUX
8.2

Self-service Password Reset Improvements

Improvements to the self-service password reset flow are being made to streamline the user experience.
IdentityIQAccess Requests
8.2

Support Business Justifications for Access Requests and Approvals

Administrators can optionally require that access requests and access approvals to specific roles, applications, or entitlements be accompanied by a business justification.
File Access ManagerReporting Improvements
8.2

System Usage Report

With the newly added System Usage Report, view and analyze aggregated usage statistics to help us learn what you like and dislike. This allows us to perfect the most used flows and correct the ones that aren’t as smooth.
File Access ManagerAccess Requests
8.2

Top Level Requestable Resource Labeling

With a new labeling feature, organize your requestable resources and simplify users’ access requests experiences. This will help make sense of complicated, duplicate, or unfriendly resource names, and allow you to conform to your organizations naming conventions and standards.
File Access ManagerBusiness Website RBAC Enhancements
8.2

User Scope Change Management & Default Capability

The new User Scope Import capabilities allow change management and cumulative imports of resource scopes for business users, as well as a streamlined ownership assignment process, allowing you to assign Data Ownership Capabilities. This can be done by leveraging Manage Business Users visibility over time, simplifying users onboarding within the organization, and expediting deployment and adoption efforts.

For a quicker more intuitive onboarding, the default scope for the Auditor and Compliance Manager Capabilities have been adjusted to manage all resources by default.

IdentityIQAccess Requests
8.1

Access Management Enhancement

A new Quicklink configuration setting (“What can members remove?”) gives you flexibility and control over what users can view and remove on the Remove Access tab, when managing user access.

IdentityIQPlatform
8.1

Alerts Expansion

New SCIM API for alerts, allowing the creation of new alerts (POST) and checking the status of existing alerts (GET).
IdentityIQAI
8.1

Automated Approvals in Access Reviews

Add efficiency and speed to your approval process by allowing automatic approval of access based on recommendations from IdentityAI.
IdentityIQCertifications
8.1

Certification Enhancements

Make the certification process clearer and more transparent for both reviewers and users by requiring reviewers to include comments when revoking access in a certification, and by showing more entitlement details to reviewers about the roles they are reviewing.
IdentityIQFAM Integration
8.1

Classifications for Sensitive/Protected Data Access

Protect the security and integrity of your access governance practice by using custom classifications to categorize and flag sensitive access. Classifications can alert you when requesting, granting, or approving roles or entitlements will give the user access to sensitive, protected, or otherwise significant data.
IdentityIQAccessibility
8.1

Expanded 508/WCAG Compliance

The Edit Preferences page is now 508/WCAG compliant, and is enhanced with a user-friendly multi-tab format.
IdentityIQPlatform
8.1

Expanded OAuth Support

IdentityIQ now supports OAuth on all REST endpoints within IdentityIQ, including the Plugin Framework.
IdentityIQFAM Integration
8.1

Integration with File Access Manager

Bring key data governance features to the IdentityIQ business user by integrating with File Access Manager. This integration puts a Data Governance menu and widgets on the IdentityIQ dashboard, providing direct access to the File Access Manager website and giving users the context needed to make informed access decisions.
IdentityIQAI
8.1

Localization of Recommendations

Expand the global use of IdentityAI recommendations for access requests or certifications, by presenting recommendation information in English, German, French, Dutch, Spanish, and Italian.
IdentityIQPlatform
8.1

Support for Google Cloud Platform

Hosting IdentityIQ within Google Cloud’s IaaS Platform is now a supported option.
IdentityIQAI
8.0

Artificial Intelligence for Guiding Access Decisions

Gain deeper visibility into managing the risks associated with user access, using the artificial intelligence and machine learning capabilities of SailPoint’s AI Services. A simple, out-of-the-box integration with AI Services gives you the power of artificial intelligence insights, providing guidance for decisions on access reviews and access request approvals.
IdentityIQAccess Requests
8.0

Automatic Deprovisioning of Expired Roles and Entitlements, with Notifications

Add security and efficiency to certifications by enabling the automatic deprovisioning of roles and entitlements when a temporary exception period expires. Manage time-limited access proactively by enabling email notification of impending sunsetting and deprovisioning of roles and entitlements.
IdentityIQAdministrator Tools
8.0

Changes to Logging

Support for version 2 of Log4j adds new logging capabilities (specifically, change listening), and changes the logging configuration file name and logging syntax.
IdentityIQAccess Requests
8.0

File Attachments in Access Requests

Add essential attachments such as training certificates or notarized authorizations to access requests. You can make attachments can optional or required, and use rules to define specific requirements.
IdentityIQUX
8.0

New Context-Sensitive Help

New context-sensitive help to Targeted Certifications, Access Reviews, and Access Requests.
IdentityIQReporting
8.0

New Reports for Capabilities

See how access to features within IdentityIQ are assigned to identities in your system, using new reports mapping identities and capabilities.
IdentityIQPlatform
8.0

OpenJDK Support

IdentityIQ version 8.0 supports OpenJDK.
IdentityIQPlatform
8.0

Plugin Framework Enhancements

Expanded plugin features include the ability to leverage classes contained in plugins from any area or feature of IdentityIQ where BeanShell can be used (such as rules, workflow steps, and scriptlets), and support for forms in the plugin configuration UI, giving you more ways to present complex or dynamic options in the plugin’s configuration page.
IdentityIQAccess Requests
8.0

Responsive Approvals – UI Enhancements

An expanded default view for Approvals provides full information for all approval items, making it quick and simple for approvers to review and process access requests from a single page, without having to open each item individually to see details and take action.
IdentityIQAdministrator Tools
8.0

Support for Piped Commands in the IIQ Console

Filter or redirect IIQ console output using piping.
IdentityIQAccessibility
7.3

Accessibility: 508 and WCAG 2.0 Compliance

Users with disabilities such as visual and motor impairments now have enhanced accessibility in IdentityIQ’s UI, which follows worldwide WCAG 2.0 and United States 508 Compliance guidelines for keyboard navigation, focus control, screen reader support, and color contrast.
IdentityIQPlatform
7.3

Bulk Management of Applications

Onboard and manage applications in bulk using a new task that facilitates simple creation and maintenance of multiple applications.
IdentityIQCertifications
7.3

Certification Enhancements

Expanded options for self-certification give finer-grained control over who may validate their own access.
IdentityIQPrivileged Access
7.3

Credential Cycling for Privileged Access Management

Make privileged access more secure and convenient by enabling applications that require a login and password to obtain that information directly from a PAM source at runtime.
IdentityIQPolicy
7.3

Effective Access SOD

Enforce separation of duties for effective entitlements using a purpose-built new policy type.
IdentityIQUX
7.3

End user Experience Enhancements

Four of IdentityIQ’s most commonly-used user interfaces have been updated to be simpler, more intuitive, streamlined, and mobile-friendly: Access Reviews, Access Requests, Work Items, and Managing User Access.
IdentityIQAdministrator Tools
7.3

Environment Monitoring for Hosts and Applications

Track the health of both cloud-based and on-premise IdentityIQ environments and enjoy better visibility into the state of your environment using new monitoring and troubleshooting features.
IdentityIQCertifications
7.3

New Certification Type: Targeted Certification

Easily build flexible, full-featured certifications from an intuitive and user-friendly new UI that gives users more control over who, what, and when to certify.
IdentityIQPlatform
7.3

Process Resiliency

New resiliency features help ensure that cloud-based implementations of IdentityIQ are resilient to the dynamic nature of cloud-hosted environments, and help on-premise implementations minimize the impact of outages, database failures, et cetera.
IdentityIQRPAs
7.3

Robotic Process Automation (RPA) Governance

Add robust governance of Robotic Process Automation (RPA or “bot”) identities using new controls and attributes to categorize identities by type.
IdentityIQCertifications
7.2

Access Review UI Enhancements

All Access Review UIs now use the enhanced and streamlined UI that was introduced in release 7.1.
IdentityIQAdministrator Tools
7.2

Application Maintenance Windows

Avoid unexpected downtime by setting maintenance windows for applications; you can specify when applications are taken offline for maintenance, preventing any interactions with the application’s target system.
IdentityIQPlatform
7.2

Multi-factor Authentication

Make your IdentityIQ access more secure by adding multi-factor authentication.
IdentityIQPlatform
7.2

Plugin Framework Enhancements

Enhanced functionality for plugins includes internationalization, snippet support, Angular support, and the ability to implement your plugin as an IdentityIQ widget.
IdentityIQPolicy
7.2

Policy Violation UI Enhancements

Processing violations is easier and more intuitive with a new Policy Violations user interface.
IdentityIQPlatform
7.2

SCIM API Additions

Additional endpoints added to the IdentityIQ SCIM interface.
IdentityIQFAM Integration
7.2

SecurityIQ Alert Collector

Share valuable contextual information about processes between IdentityIQ and SecurityIQ by aggregating activity alert records from SecurityIQ, and use this data to trigger workflows, certifications, and/or notifications in IdentityIQ in response to those alerts.
IdentityIQFAM Integration
7.2

SecurityIQ Target Collection

Gain a more complete a more complete picture of the access users have on unstructured resources like network file shares, SharePoint, cloud file stores, et cetera, by aggregating unstructured target permissions data from SecurityIQ into IdentityIQ.
IdentityIQAdministrator Tools
7.2

Task Management

Enjoy better visibility and control of tasks using a new new task management administrator UI. Monitor task status and performance, choose specific hosts for running tasks, and gather stack trace details.
IdentityIQAccess Requests
7.2

Track my Requests UI Enhancements

New enhanced, responsive UIs make tracking requests simpler and more intuitive for requesters and request owners.