🌟 New Feature Alert 🌟

You can now add Applications, Device IDs, and Session IDs to a List for even more flexibility in your workflows and monitors!

What's New?

• You can now add even more to your lists, including:

  • Applications
  • Device IDs
  • Session IDs

Why Does This Matter?

• 📋 Expands the power of Lists, making them more useful across a broader set of use cases.
• ⚙️ Helps streamline automation, investigations, and automated response actions.
• 🚀 Coming soon: Add your own custom workspace data to your lists.

🚀 Other Improvements 🚀

1. ⬇️ Event Data Export for All Users: All users, including Read-Only, can now download event data directly from Event Explorer tables.

2. 💳 Payment Hash Details: New side panel for Payment Hash nodes in the SignalPrint graph, providing quick context where previously there was none.

3. 📍Better Handling of Non-Routable IPs: Side panels for non-routable IPs now display “Location unavailable” instead of showing nothing—clearer, cleaner, and less confusing.

🌟 New Feature Alert 🌟

What's New?

• Search for Custom Workspace Data in Event Explorer

  • You can now search for custom event data (previously only viewable) directly in Event Explorer filters.

    

• Detailed Breach Information in Event Details Panel

  • Added visibility into which breach an email was in and the breach date, alongside existing breach count and most recent breach date.

    

Why Does This Matter?

• Enables deeper investigations by letting you run queries against your own custom data.
• Provides richer breach context for accounts, making it easier to prioritize follow-up actions.

💜Improvements Alert:purple_heart:

What's New?

• Updated Starter Copy for Notification Actions in Workflows

  • The starter copy for Email, Slack, and Teams messages now include workflow name, account ID, email, rule outcome, and reason. This starter copy can be modified.

  • Added helper text with a link to the list of available variables for customizing your own messages.

    

• Improved Threat Card Design

  • Streamlined key details for better readability and faster actionability.

    

Why Does This Matter?

• Notifications now give you all the context you need to act immediately on a rule evaluation.
• Improved threat card design reduces cognitive load, helping you spot key details at a glance.

🌟New Feature Alert 🌟

You can now set up Teams, Slack, or Email notifications as Actions in your workflows so your team is instantly informed when a rule is triggered. ⚡

What’s New?

• 🧠 Workflows actions — Add optional actions, including notifications, to any rule where the conditions are met.
• 💌 Send email — Pick your recipients and customize the message. The message field supports markdown.
• 💬 Send Slack or Teams notifications — Choose the channel and drop alerts right into your team’s existing workflows. Pun intended.
• 🪄 No blank slates! — Message bodies come pre-filled with a dynamic reason (e.g., “Risk is Impossible Travel and New Device”) so you’re never starting from scratch.
• ⚙️ Test it out in EVALUATE tab — Try it out in real time using the Evaluate tab. Yes, the action will run!

Why Does This Matter?

This release enhances your workflows, sending the right information to the right people, right away. Whether it’s routing alerts to a #security Slack channel, pinging a Teams group, or emailing an analyst, your rules now trigger real-time, actionable communication.

This is just the beginning. Soon, you'll be able to add more Actions like add to/remove from list, revoke all sessions, etc. Stay tuned—we're just getting started. 🚀

🌟 New Feature Alert 🌟

Build more sophisticated workflow rules with powerful OR logic and filter grouping! 🎉 Create nuanced filtering scenarios without resorting to complex CEL rules. Now you can handle advanced conditions with an intuitive point-and-click interface.

What's New?

• OR Logic at Top Level: Choose between AND or OR logic when combining filters in your workflow rules, giving you flexibility to create broader or more specific conditions.

• Group Filters: Organize related filters into logical groups, each with its own AND/OR operators. Perfect for creating complex "if this OR that" scenarios within your rules.

• Visual Filter Grouping: Group filters are displayed in visually distinct containers, allowing you to understand your rule logic at a glance.

Why Does This Matter?

• Reduced Complexity: Handle sophisticated filtering scenarios without writing custom CEL rules—simply point, click, and configure.

• Enhanced Flexibility: Create rules that catch threats across multiple conditions or risk profiles, improving your security coverage.

• Better Rule Management: Visual grouping makes complex workflows easier to understand, edit, and maintain over time.

🌟 New Feature Alert 🌟

Now you can receive threat notifications exactly where your team is already collaborating—in Microsoft Teams! 🎉 Stay ahead of identity threats without ever leaving your Microsoft Teams instance.

What’s New?

1. Send Threat Notifications to Microsoft Teams: Connect your Microsoft Teams instance to Verosint to receive real-time threat notifications where your team already works.
2. Select Desired Teams & Channels: Choose which Teams and Channels receive specific threat types or severity levels.
3. Real-Time Alerts: Get notified the moment suspicious activity is detected, in the tool where your team already works and communicates.

Why Does This Matter?

• Faster Response Time: Meet threats where your team is, cutting down the time between detection and action.
• Flexible Delivery: Route different types of threats to different Teams or Channels, so the right people are looped in immediately.
• Incident Response-Ready: Your team can triage and respond to threats and incidents detected by Verosint directly from within Microsoft Teams.

🌟 New Feature Alert 🌟

You can now use Workflows with your Microsoft Entra integration, bringing the power of automation to one of the most widely used identity providers in the enterprise space.

What’s New?

1. Our powerful Workflows feature now supports Microsoft Entra, allowing you to build and automate security workflows based on Entra-driven activity.
2. Automatically trigger workflows when user events from Entra are ingested by Verosint.

Why Does This Matter?

• Respond proactively with automated remediation, like blocking compromised accounts.
• Recognize legitimate users for seamless experiences, and introduce friction only when risks or anomalies arise.
• Deploy automated prevention fast, with no code to install on webpages, applications, or user devices.

This unlocks huge opportunities for enterprise customers using Microsoft Entra—enabling faster, smarter prevention with the automation power of Workflows. 💪

Getting started? Check out the docs.

✨ New Feature Alert ✨

Chat History is now live in the Vera Agentic AI interface! You can now view your past conversations with Vera, making it easier to pick up where you left off and review previous insights.

What's New?

1. Chat History Sidebar: See a list of your recent conversations on the left panel of the Vera interface.
2. Persistent Conversations: Each chat is saved, making it easy to revisit specific conversations.
3. Click to Resume: Reopen a previous conversation at any time and continue right where you left off.

Why Does This Matter?

• More context: No more losing track of important questions, responses, or insights—everything is saved.
• Smoother workflows: Jump back into previous investigations or reuse prompts that worked well.
• Better collaboration: Easily share or reference past conversations when working across teams.

As always, we're open to feedback. Tell us what you think!

🌟 New Feature Alert 🌟

Verosint supports non-routable IP addresses for workforce use cases!

Customers with internal networks often use non-routable IPs (e.g., 10.x.x.x, 192.168.x.x). Verosint fully supports these addresses when paired with location metadata, unlocking complete ITDR signal enrichment, threat detection, and workflow automation.

What's New?

1. 🌍 IP Enrichment Works for Non-Routable IPs – When location metadata is provided, Verosint enriches activity from internal IPs just like public ones.
2. 🔍 Risk Detection & Workflow Accuracy for Non-Routable IPs – Impossible Travel and other location-based detections now function seamlessly for non-routable traffic. Plus, this location context enhances automated decision-making in workflows, enabling smarter access control across your internal user base.
3. 📊 Unified View of Workforce Risks – Internal employee activity is now visible and actionable within your Verosint environment.

Why Does This Matter?

• 🛡️ Full ITDR Coverage: Cybercriminals don't break in, they log in. Now, you can detect suspicious behavior across your entire workforce—even behind the firewall.
• ⚡ No Gaps in Observability: Just because an IP isn’t public doesn’t mean it should go unanalyzed. With this update, it doesn’t.
• ✅ Insight Activation: If you're already tracking internal IPs with location context, Verosint can make that data work immediately.

Your internal networks just became a whole lot safer. You're welcome.

🌟 New Feature Alert 🌟

Integrate your Slack workspace with Verosint and get notified directly in Slack when threats are detected. Stay on top of suspicious activity without leaving your team's primary communication hub.

What's New?

1. You can now connect your Slack workspace to Verosint in just a few clicks.
2. Choose the Slack channels where you want to receive threat alerts.
3. Get real-time notifications when Verosint detects suspicious activity, including credential stuffing attacks, account takeovers, and other identity threats.

Why Does This Matter?

1. It reduces response time by notifying your team where they already work.
2. It keeps security alerts front and center—no more digging through dashboards or inboxes.
3. It supports faster collaboration across teams during incident response.

Slack is just the beginning. We've got other integrations (e.g., Microsoft Teams, etc.) in the works. Stay tuned! 🚀

🚀 Improvements Alert 🚀

We’ve enhanced prompt suggestions for Vera AI so you can quickly ask about the threats or accounts that matter most.

What’s New?

1. 🔍 Smarter, more relevant prompts surface based on open threats or accounts.
2. ⬆️ A single click now makes it easier to ask the right questions, faster.
3. ✨ Cleaner, more intuitive suggestions help you focus on what matters most.

Why Does This Matter?

1. ⏱️ Spend less time figuring out what to ask and more time acting on threats and insights.
2. 🚀 Investigate with greater speed and clarity, supported by targeted guidance.
3. ✅ Journey from detection to response is smoother and more confident.