Login  
Hello there!

Need Help? We are right here!
miniOrange Support
miniOrange Email Support
success

Thanks for your Enquiry.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Version 2.3.0

Release Date: 26th September, 2025

Release Summary


We are excited to announce the general availability of PAM Version 2.3.0, a major release that significantly expands our Privileged Access Management solution with the launch of the new Endpoint Privilege Management (EPM) 1.0.0 module.

This release delivers a comprehensive PAM solution, extending privileged access control from core infrastructure to endpoints. PAM 2.3.0 focuses on delivering stronger, more granular security and governance controls, expanded database and thick client connectivity, and a greatly improved user experience with powerful new session management and search capabilities.


New Features & Enhancements:


Security and Governance

  • Granular Per-Resource Policies: Administrators can now apply specific security policies on a per-resource basis for finer control. Key policies include:
    • Enforcing Multi-Factor Authentication (MFA) for resource access.
    • Configuring session recording and live streaming.
    • Enabling or disabling event auditing.
  • Database Command Restrictions for MySQL: A new filtering engine has been introduced to enforce command restrictions within MySQL sessions, preventing unauthorized or destructive queries and strengthening database security.
  • SIEM Integration: Natively forward audit logs and security events to your SIEM platform for centralized security monitoring, correlation, and enhanced threat visibility.
  • SSL Certificate Lifecycle Management: A new Certificate Manager allows you to manage the entire lifecycle of your SSL certificates directly within the PAM console, ensuring no unexpected expirations.
  • Access Based on Working Hours: Define and enforce access policies that restrict user access to resources based on predefined working hours or timeframes.

Expanded Connectivity and Integrations

  • New Thick Client Support: Added native support for connecting to MS SQL and Oracle DB via their respective thick clients, enabling a seamless experience for database administrators and developers.
  • Enhanced File Transfer Capabilities:
    • SFTP for Thick Clients: Integrated SFTP support for Thick clients (FileZilla, WinSCP etc)
    • SMB Protocol Support: Added support for the SMB protocol for file transfers in web-based sessions.
  • Credential Checkout: Users with appropriate permissions can now check out credentials to securely access managed servers and systems externally.
  • Scoped API Access with OAuth 2.0: External systems can now integrate with PAM APIs using the industry-standard OAuth 2.0 Client Credentials flow. This provides secure, scoped access control with JWT tokens for programmatic interactions.

Expanded Connectivity and Integrations

  • Global Search powered by Elasticsearch: A new powerful global search functionality has been integrated. Instantly find any entity within PAM, including resources, users, policies, groups, roles, and audit logs.
  • Enhanced RDP Browser Sessions:
    • Bi-directional File Transfer: Users can now transfer files in both directions (local machine to remote desktop and vice-versa) during RDP/Web application browser sessions.
    • Keyboard Shortcut Support: Common Windows keyboard shortcuts (e.g., Windows key + D, Alt+Tab) are now supported in browser-based RDP and VNC sessions.
  • Advanced Session Auditing:
    • Command Logging for RDP: Comprehensive command logging for both Command Prompt (CMD) and PowerShell sessions initiated via Web or thick client RDP access.
  • Customizable Notifications and Reports:
    • Fully Customizable Email & Notification Templates: Modify the content, look, and feel of email notifications to match your organization's branding and communication standards
    • Scheduled Audit Reports: Configure and schedule jobs to automatically generate and send audit reports via email to designated recipients.
  • Proactive System Alerts:
    • Resource Expiry Alerts: Automatically receive alerts before an allocated resource's access period expires, preventing service disruptions.
    • Storage Space Notifications: Administrators are now alerted when the system's storage capacity is nearing its limit.

System Reliability and Monitoring

  • System Health Checks: Proactive health monitoring for critical services including Unix services, Redis, and MySQL, with automated email alerts for administrators in case of failures.
  • Improved Scalability: Implemented a Subscriber Worker Pool architecture to enhance system performance, reliability, and scalability for handling concurrent operations.

Bug Fixes:


  • Resolved an issue where the password policy validator incorrectly handled certain special characters, leading to validation failures.

Introducing Endpoint Privilege Management (EPM) – Version 1.0.0

This release marks the official launch of our Endpoint Privilege Management (EPM) module, seamlessly integrated into the PAM platform. EPM secures your endpoints by enforcing least privilege principles and providing just-in-time access controls.

Key EPM features include:

  • Privilege Elevation Control: Manage just-in-time (JIT) privilege elevation for applications and tasks on Windows and macOS endpoints through granular, automated policies.
  • Application Control: Enforce security policies by creating rules to restrict or allow the execution of specific applications based on user roles and security context.
  • Comprehensive Audit & Monitoring: Gain full visibility into endpoint activities. All privileged actions performed on endpoints are tracked within the unified PAM platform, providing detailed audit trails for compliance and threat detection.

Important Upgrade & Installation Notes:


  • Configuration File Migration: The primary configuration file has been migrated from conf.yaml to a .env file format. All administrators must review and migrate their existing configurations to the new .env file before initiating the upgrade process.
  • Oracle DB Driver Requirement: To use the new Oracle DB thick client support, the required Oracle client drivers must be installed on the machine from which the connection is being made.
  • Deployment Options: Flexible deployment options are available, including containerized deployments and a standard Windows installer.

For any questions regarding the upgrade or the new features in PAM 2.3.0 and EPM 1.0.0, please contact our support team at idpsupport@xecurify.com.