MFA Abandoned Detection, Footers in Notifications, & Smoother Add to List Experience
π New Feature Alert π
The Verosint team is at it again! New features and improvements are here to make threat detection and response faster, smarter, and more seamless.
What's New?
-
New Event Type: MFA Abandoned
-
Verosint now supports the "MFA Abandoned" event type.
-
This captures when a user begins MFA but doesnβt complete it, helping you identify potentially suspicious activity.
MFA Abandoned event type in Event Explorer filters
-
-
Footer Added to Notifications
-
All notifications from Monitors and Workflows actions (Email, Slack, Teams) now include a footer for clear context.
-
The footer shows which Monitor or Workflow itβs referring to and confirms it was sent to the intended workspace.
Example notification with footer in Slack
-
Why Does This Matter?
- Detect risky authentication behavior earlier, like users abandoning MFA mid-process.
- Greater clarity and confidence in your alerts, so you know exactly where they came from and where they went.
π Improvements Alert π
What's New?
-
Improved βAdd to Listβ in Event Explorer
-
The Add to List experience in Event Explorer now matches the rest of the Verosint platform. Add items to a list, set an expiration, and add an optional description!
-
You can now add Sessions directly to a List from Event Explorer, previously only possible from the Lists UI.
-
This update makes tracking and organizing items faster and more consistent across the platform.
-
Why Does This Matter?
- Investigations are faster and more seamless β no need to jump back and forth between Explorer and Lists to track suspicious activity!