✨ New Feature Alert ✨

Meet Vera, the first agentic AI security analyst purpose-built for Identity Threat Detection and Response.

Vera is now available in beta through our early access program.

What's New?

Vera is an agentic AI security analyst that:

  • Understands your environment and user behavior
  • Detects and triages threats in real time
  • Acts directly inside your collaboration tools (Slack, Teams)
  • Investigates and recommends appropriate actions
  • Learns from each interaction and builds automated response playbooks

Vera is fast, contextual, and precise. And most importantly — Vera is useful and designed to improve your productivity and security from the minute you turn her on.

Why Does This Matter?

Vera allows organizations to respond to the onslaught of identity threats without stretching resources thin or expanding their headcount. Here's how Vera changes the game:

  • Continuous Investigation: Investigate new identity security incidents instantly including bulk-analysis of prior events.
  • Live Threat Triage and Response: Direct Vera to take targeted actions such as revoking sessions, suspending users, blocking IPs, or requiring adaptive authentication.
  • On Demand Reporting and Visualization: Vera can generate custom incident reports and visual insights directly within the conversation.
  • Slack and Teams Integration: Engage with Vera without leaving your existing productivity tools, responding as you would to a security analyst team member.
  • Automated Playbook Creation: Vera recommends and builds automated response playbooks to continuously lower risk and improve response times.

If you're ready to set new standards for identity security efficiency and effectiveness, sign up for our Early Access program to get started with Vera.

🌟 New Feature Alert 🌟

You can now search and filter event activity by Source in Event Explorer, giving you more precise control over how you investigate identity events and user behavior.

What's New?

  • A new "Source" field is now available in Event Explorer's search and filter options.
  • You can view and analyze event activity grouped by Source.
Filter by Source in Event Explorer

Filter by Source in Event Explorer

Quickly see source details for each account

Quickly see source details for each account

Why Does This Matter?

  • Investigators and analysts can now pinpoint where activity originated, which is crucial for tracing suspicious behavior or diagnosing integration issues.
  • It enhances threat hunting by allowing you to isolate events from specific sources with ease.
  • It makes it easier to verify legitimate vs. anomalous activity by source context.

🌟New Feature Alert 🌟

You can now get even more context from your SIEM! We’ve expanded SIEM logging to include workflow evaluations, giving your security team deeper visibility into automated decision-making.

What’s New?

  • In addition to threat-related events, SIEM logs now also include workflow evaluations — so you can trace the logic and decisions behind automated pre-authentication responses.

    Configure threats and workflow evaluation logs to your SIEM

    Configure threats and workflow evaluation logs to your SIEM

  • Configuration: Head to Settings → SIEM Logs to enable workflow logging for your specific SIEM setup.

Why Does This Matter?

  • Greater Transparency – Know why an action was taken, not just what happened.
  • 🔎 Easier Troubleshooting – Understand the full flow of events across detection and response.
  • 🧠 Smarter Tuning – Use workflow logs to improve your automation logic and threat responses.

🌟 New Feature Alert 🌟

You asked, we delivered—Dark mode is here! Whether you're burning the midnight oil or just prefer a darker aesthetic, you can now toggle Dark mode for a more comfortable viewing experience.

What's New?

  • Added support for Dark Mode across the Verosint application.
  • Automatically respects your system preference (light or dark).
  • Includes a toggle in User Settings > Display for manual switching.

Why Does This Matter?

  • Reduces eye strain, especially in low-light environments.
  • Improves battery life.
  • Enhances focus with a sleek, modern interface
  • User-requested feature—now live thanks to your feedback!

💜 Improvements Alert 💜

What's Improved?

You asked, we delivered! We've enhanced the Account Intel page with a new Last 30 Days Events tab, making it easier to investigate specific accounts without context switching.

Last 30 Days Events tab in Account Intel

Events tab in Account Intel

Why Does This Matter?

  • Responding to customer feedback, we made it faster and more seamless to investigate account activity.
  • You can now get a fuller picture of account activity in one place - without switching over to Event Explorer.
  • Helps streamline investigations and enhance efficiency when analyzing user behavior.

Check it out and let us know what you think! 🚀

💜 Improvements Alert 💜

What's Improved?

  1. Clearer Threat Card Status – We've updated the UI to make it easier to distinguish between Active and Resolved Threat Cards. Resolved Threat Cards now feature a green line and green text for their resolved status.

    Easy to distinguish between Active and Resolved threat cards

    Easy to distinguish between Active and Resolved threat cards

  2. Better Table Alignment in Event Explorer – We’ve fine-tuned the alignment of data in table columns, ensuring that information is clearly readable in the right place.

    :sparkles: Look at those cleanly aligned columns in the Session table :sparkles:

    ✨ Look at those cleanly aligned columns in the Session table ✨

Why Does This Matter?

  • Faster threat assessment – The visual update helps you instantly recognize resolved threats, reducing cognitive load.
  • Smoother investigations – Proper column alignment means less guesswork and faster decision-making when analyzing events.

🌟 New Feature Alert 🌟

We've made major improvements to how you detect and respond to threats:

  1. New Threat: Breached Since Password Reset – Detects accounts where the password was reset, but the associated email has since appeared in a breach.

  2. Threats Organized by Severity – Quickly see which threats need your attention first.

    New threat: Breached since Password Reset

    New threat: Breached since Password Reset

Why Does This Matter?

  • Proactive Security: Catch at-risk accounts even after a password reset.
  • Clearer Focus: The Threats page now directly highlights Critical, High, and Medium severity risks.
  • Faster Response: Prioritize and remediate threats with severity grouping.

Stay ahead of identity threats with these new updates! 🚀 As always, we'd love to hear any and all your feedback. 😊

🌟 New Feature Alert! 🌟

What’s New?

  1. OVERVIEW tab – A dedicated tab that provides key security metrics over a selected date range, helping you track trends and measure progress. Data is available starting from October 1, 2024, the earliest point in our threat records. Of course, we'll be adding more tiles to this overview tab in the future - stay tuned!

    1. Critical Threats: This tile displays the number of critical severity threats that were generated during the date range selected. Critical severity threats indicate compromised accounts, such as Account Takeover and Session Sharing.
    2. High Threats: This tile displays the number of high severity threats that were generated during the date range selected. High severity threats indicate attacks in and on your workspace, such as Brute Force Attack, Credential Stuffing Attack, MFA Fatigue Attack, and MFA Location Mismatch.
    3. Resolved Threats: This tile displays the number of threats that were resolved during the date range selected, broken down by sub-status: Remediated, No Action Taken, or False Positive.
    4. Mean Time To Remediate (MTTR): This tile displays the average time it takes for all threats to transition from Active to Resolved: Remediated, providing insight into your team's threat resolution speed and efficiency.
    5. Rate of Compromise %: This tile displays the number of unique compromised accounts over the number of unique accounts that were attacked over the selected date range, providing insight into the effectiveness of your defenses in preventing account takeovers.
    The new Overview tab helps you demonstrate the impact of your ITDR strategy.

    The new Overview tab helps you demonstrate the impact of your ITDR strategy.

  2. RISKS tab – The System Overview is now located in the Dashboard as the Risks tab, keeping all critical insights in one place.

Why Does This Matter?

  1. Help C-Suite Gain Measurable Insights – The Dashboard now delivers a clear view of security outcomes, including reductions in threat-related costs and improvements in operational efficiency.
  2. Demonstrates Business Impact – Directly see how your investment in Verosint improves security, reduces risk, and enhances ITDR effectiveness.
  3. Better Performance Tracking – Measure how your security team is managing threats over time, with clearer insights into risk trends and response effectiveness.

Explore the new Overview and Risks tabs in your Dashboard today! 🚀

🌟 New Feature Alert 🌟

We’ve rolled out major enhancements to Verosint, making it easier to integrate with Microsoft Entra, streamline threat response actions with a new Analyst role, and investigate Account Takeover (ATO) threats with greater context.

What’s New?

Microsoft Entra Integration – With this integration, you can:

  • Stream Microsoft Entra events into Verosint for proactive threat detection and response
  • Enrich user profiles with key metadata for better visibility and analysis
  • Take action directly from Verosint by revoking sessions or suspending accounts in real time
Set up Threat Response for Microsoft Entra on the Verosint Settings page

Set up Threat Response for Microsoft Entra on the Verosint Settings page

New Analyst Role – A middle ground between Read-Only and Admins, Analysts have the complete toolkit for responding to and preventing threats...

... without access to admin-level settings like billing, integrations, or user management.

Enhanced ATO Investigation – From the ATO card, you can now use the See More button to pull up the Event Details panel for the exact event where the ATO occurred, giving you deeper context before diving into Account Intel.

See more event details for an Account Takeover threat so you have all the context you need

See more event details for an Account Takeover threat so you have all the context you need

Why Does This Matter?

🔹 Stronger security automation with Microsoft Entra’s integration.
🔹 More granular role management with Analyst permissions tailored for security teams.
🔹 Faster, more informed investigations with direct access to ATO event details.

🚀 Start using these features today!

🌟 New Feature Alert 🌟

You can now integrate Verosint's SIEM Threat Logs with Datadog, making it easier to monitor threats in real-time within your preferred security and observability tools.

What’s New?

Datadog Integration – Send threat logs directly to Datadog as threats are detected.
Seamless SIEM Support – Expand your security visibility by integrating with your SIEM of choice.
Single Pane of Glass – View all threats from multiple sources in one place, improving efficiency and response times.
Built for Enterprise Security – Enterprise organizations expect ITDR solutions to integrate with their SIEM—Verosint delivers!

Why Does This Matter?

Security teams rely on real-time threat intelligence to act quickly. By integrating SIEM Threat Logs with Datadog, you can correlate threats with broader security events, streamline investigations, and improve response times—all within your existing security workflows.

🚀 Start leveraging the Datadog integration today!