Feature Update

Nudge Security provides a variety of editable fields for each application and account in your environment, such as approval status, compliance scope, and SSO provider. Now, we’ve made it easier for you to understand how and when these fields are modified over time. 

‍

Any time a field update occurs, Nudge Security tracks when it happened and which user or automated process initiated it. You can view a timestamped list of each field’s history to understand when changes have occurred and who made them.

‍

We’ve added a new chart showing the rate of adoption for each of your organization’s applications, helping you understand how and when an app has gained traction among your employees. Visualize how your users have adopted an app over time by filtering the chart to see how many users have been added in the last day, week, month, year, or all-time.

‍

We’ve added the ability to export user group data with the addition of an “Export CSV” button on the Groups page. Now, you can download a CSV file containing all of your organization’s groups and each one’s primary email, number of members, number of accounts, and risk score, as well as permissions to join, read messages, and manage members.

‍

We’ve added a new nudge to help you verify whether OAuth grants for Google Workspace or Microsoft 365 are still in use before revoking them, so you can avoid any potential business disruption. When you nudge a user about an OAuth grant you hope to revoke, your user will receive an email or Slack message asking them to confirm whether they’re still using the integration. Once the user confirms that the integration is no longer in use, the OAuth grant will be revoked automatically.

‍

To provide customers with more granular access controls, Nudge Security has added a new user role that enables use of the employee offboarding playbook without requiring administrative access. Now, Nudge Security provides the following user roles:

• Personal View - Visibility limited to the user’s individual SaaS accounts
• Organizational View - Visibility of all SaaS across the organization and the ability to run playbooks, with the exception of Employee Offboarding
• (new) Organizational View plus Employee Offboarding - Visibility of all SaaS across the organization and the ability to run all playbooks, including Employee Offboarding
• Administrator - All of the access listed above as well as administrative controls, such as the ability to invite new users, manage user roles, and change organizational settings

‍

For each application your employees are using, Nudge Security provides contextual information that you can use to accelerate security reviews.

‍

We've enhanced this security context by adding a summary of the forms of multi-factor authentication each application offers. Now, you can easily assess which options are most appropriate for your workforce, or determine if an application doesn’t meet corporate security guidelines if the available options aren’t sufficient.

‍

We’ve made it easier to focus on your most relevant accounts by introducing better default filters. Now, we’re filtering deleted accounts and suspended Google Workspace users out of account lists by default. If you want to see the accounts that have been excluded, all you need to do is modify the filter settings at the top of the page.  

‍

‍

We’ve made it easier to manage your company’s AWS footprint by adding two new dashboard views to the Amazon Web Services app overview. Now, you can see your AWS Organizations and the accounts associated with them, as well as your unmanaged accounts. You can search, filter, and export the data.

‍

You can see a full list of your AWS Organizations, with the accounts associated with each AWS Organization nested underneath for easy navigation.

‍

You can also see a list of the unmanaged AWS accounts that aren’t currently associated with an AWS Organization, helping you catch rogue or abandoned accounts before they introduce unnecessary costs or risks.

Together, these two new views make it easier for organizations with large numbers of AWS accounts to explore and manage their AWS infrastructure.

We’ve enhanced the data we display for Google Workspace users, giving you a better snapshot of each employee’s profile at your organization. Now, you can see an employee’s department, division, cost center, location, organization name, and title from directly within the user summary view. We’re updating these fields automatically using metadata from Google Workspace and displaying it in the UI at the user level.

‍

‍

We’ve simplified the process for customers to export data from Nudge Security.

‍

Now, all you need to do to export data is click the “Export CSV” button in the upper right hand corner of each screen. 

‍

Check it out in the screenshot below. In this example, exporting data from the Apps view will give you a CSV file of all of your organization’s applications, including each app’s name, labels, category, number of accounts, first user, and date first seen in your environment. 

‍

The social media tab within our attack surface dashboard is now generally available. Nudge Security discovers all the social media accounts tied to your corporate email domains and helps you understand who owns them.

‍

With this functionality, all customers and trial users can now:

• Quickly see all social media accounts associated with your organization
• Discover employees who have created personal social media accounts using corporate emails 
• Easily identify who to contact in case of security issues with your organization’s social media accounts

‍

Check it out in the screenshot below, and learn how this fits into our overall SaaS attack surface management capabilities in our recent blog post.

‍

‍