What's New

Administrators can now apply and enforce SWS protections on sensitive applications in Microsoft Edge (chromium) browser. Combined with existing support for Google Chrome browser, Secure Web Sessions is now expanding coverage to additional desktop browsers with this release.

Microsoft Edge (chromium) browser is supported with SWS browser extension version 2.0.10501.

Users can now see the security layers protecting the current session via a quick click on the SWS browser extension. For details, see View active security layers for an application session.

Alert messages have been improved to add additional detail and helpful actions. Administrators configuring 3rd-party SSO applications with SWS now have an easier time fixing configuration issues. Additionally, users missing the SWS extension while attempting to access a protected application now have an improved warning message indicating that the SWS extension is required.

Three new API's are now available for use. Get a list of all sessions within a certain time frame (GetSessions), get information on a specific session, such as active security layers or username (GetSessionsByID), and get the specific steps taken within a particular session (GetSessionsById/steps). These have been added in addition to the already released GetRecordings API's in order to align with industry standards. The previous API's will continue to be supported for backwards compatibility, but new improvements will only be made to the GetSessions API's. For details, see API commands.

SWS now provides visibility and auditing for user downloads and clipboard actions taken in any we session secured with Step recording. In addition, SWS session details now include events for any user actions that were blocked by Session protection.

For details on the auditor workflow, see Access session recordings.

Manifest V3 is a name for the new upcoming browser extension API, essentially a large set of changes that will determine the next generation of the Chrome browser extensions. Beyond changes for new extensions - support for extensions with the current manifest V2 format will no longer run on Chrome as of January 2023. In this release, the Secure Web Sessions browser extension adds support for the new Manifest V3 API, while maintaining all existing functionality. (Previous versions of the SWS extension will continue to work at the previous level of support in order to provide backwards compatibility).

Customers can now apply Secure Web Sessions protections directly on-top of 3rd party identity providers (IdPs) SSO sessions, without requiring CyberArk Identity SSO. This streamlines setup, maintenance, licensing, and provides an easier user experience with less actions.

For details, see Configure SWS protections for applications

Two new API's are now available that enable SWS customers to GET a list of all recodings within a certain time frame (GET SWS Recordings), and also to GET the specific steps taken in a particular session (GET SWS recordings by ID). These API's allow customers to pull specific session details, and can enable integration with other security tools (such as SIEM).

For details, see API commands.

Administrators can now enforce an additional layer of protection for sensitive web applications by monitoring footsteps taken by the end user during their sensitive web session. The feature protects against unauthorized access if the authenticated user leaves their computer unattended while the sensitive web session is left open on the endpoint and exposed.

The current release supports Android (in addition to the already supported iOS).

For more details about this solution, see Continuous authentication with the CyberArk Mobile app

For details on how to enforce Continuous Authentication with the pedometer lock, see Configure continuous authentication with the CyberArk Mobile app.

Administrators can now enforce an additional layer of protection for sensitive web applications by monitoring footsteps taken by the end user during their sensitive web session. The feature protects against unauthorized access if the authenticated user leaves their computer unattended while the sensitive web session is left open on the endpoint and exposed.

The current release is available with CyberArk Mobile on iOS only.

For more details about this solution, see Continuous authentication with the CyberArk Mobile app

For details on how to enforce continuous authentication with the pedometer lock, see Configure continuous authentication with the CyberArk Mobile app

New users of the CyberArk Mobile app, who are assigned an application that is protected by Continuous Authentication, can now have their trusted mobile device joined to SWS during the first application access QR, requiring no separate onboarding steps or invitations.

SWS now supports EPM integration with EPM tenants that use the new policies management UI.

For details, see Configure EPM integration with Session Protection

Additional actions are now included in the Session Recording details when triggered during protected sessions. The new events are:

• Session locked by - Pedometer lock

• Session locked by - Idle Timeout

• Session resumed by - CyberArk Identity MFA

• Session resumed by - CyberArk Mobile App

CyberArk Identity Secure Web Sessions can now enter into Business Associate Agreements (BAA) with US based healthcare customers requiring adherence to the Health Insurance Portability and Accountability Act (HIPAA). This confirms that CyberArk meets or exceeds all regulations and US legal requirements regarding the use, disclosure, and safeguarding of individually identifiable health information – that may be recorded, captured or otherwise saved in the Secure Web Sessions service. For more information, see https://www.cyberark.com/trust/hipaa-compliance/

Secure Web Sessions now exposes REST API's, which enables management and visibility of SWS users, application policies, and activities. This allows for integration with external systems for reporting of policies and management console activities. Additional API's are on the way soon. For more information, see Using the Secure Web Sessions APIs.

Added recommendation to add CyberArk Identity custom application domains to step recording exclude list. For more information, see Configure step recording settings

Administrators and Auditors now have the ability to flag events or sessions that are of interest to them, and afterward filter their view based on these flags. This allows customers to refer back to interesting or reviewed suspicious events at a later date without needing to search again.

For more information, see Flag session recordings and steps.

Our team is constantly reviewing and taking feedback to improve Secure Web Sessions. This release includes the following minor improvements:

• Ability to sort recorded sessions by number of steps

• Timeframe and filters remain visible while scrolling through activities

• When viewing session details, the username now appears before the start-time in the header

Each week we aim to release new improvements and bug fixes during our set maintenance window (3:30 EST - 6:00 EST (8:30 UTC - 11:00 UTC). When new features are announced, they will be included here.

This weeks release includes bug fixes and minor improvements.

Administrators can now configure and enforce additional protections on their user's web-applications. This release provides the ability to enforce protection against unauthorized application access, allowing organizations to re-authenticate users under special circumstances when using high-risk applications. Continuous Authentication offers protections via integration with CyberArk Identity multi-factor authentication (MFA) or via CyberArk Mobile QR code.

For more information about Continuous Authentication, see What is Continuous Authentication?

For information about configuring Continuous Authentication, see Configure Continuous Authentication with MFA.

We have improved the auditor experience for viewing specific session recordings. Higher resolution screenshots, mouse and keyboard directional commands for moving between steps, and better navigation to find and go-to specific steps, all help improve the experience and effectiveness for the SWS Auditor.

Each week we aim to release new improvements and bug fixes during our set maintenance window (3:30 EST - 6:00 EST (8:30 UTC - 11:00 UTC). When new features are announced, they will be included here.

This weeks release includes bug fixes and minor improvements.

SWS administrators can view a history of activities that have been performed in the Secure Web Sessions management portal. For more information, see Monitor activities.

Browser restrictions were optimized with the addition of preventing access to the right-click context menu, as well as multiple improvements.

Each week we aim to release new improvements and bug fixes during our set maintenance window (3:30 EST - 6:00 EST (8:30 UTC - 11:00 UTC). When new features are announced, they will be included here.

This weeks release includes bug fixes and minor improvements.

Administrators can now configure and enforce additional protections on their users web-applications. This release provides the ability to enforce restrictions on clipboard / drag&drop as well as restrictions on performing downloads from protected applications. As with SWS Step Recording layer - these protections are only implemented on the protected application tabs for the user leaving clipboard / drag&drop or downloads still fully functional for users in other non-protected applications. Lastly, the user will see an OS notification whenever a user action is prevented by SWS protections letting them know that the block was intended by their Administrator. For more information, see Session Protection with SWS browser extension

Integration with CyberArk EPM via SWS Session Protection is now available for client level protections. Customers can now integrate SWS and CyberArk's Endpoint Privilege Manager (EPM). With this integration we are providing a set of chrome browser protection policies which can be imported into EPM and enabled on your client devices. These protection policies also include the ability for the SWS extension and EPM agent to communicate and thereby validate EPM protection during the SWS Security Layer Validation stage of a user login to a protected web-application from CyberArk Identity SSO. For more information, see Session Protection with CyberArk EPM integration.

This release of the SWS extension provides the ability to export logs via the SWS extension for better supportability and troubleshooting of both SWS extension browser level actions as well as SWS-EPM integration actions. For more information, see Deploy the browser extension.

Improvements were made to the performance of search suggestions and filter functionality in the SWS portal.

Each week we aim to release new improvements and bug fixes during our set maintenance window (3:30 EST - 6:00 EST (8:30 UTC - 11:00 UTC). When new features are announced, they will be included here.

This weeks release includes bug fixes and minor improvements.

Secure Web Sessions can record and monitor screenshots of all actions taken by specific end users within protected web applications. The solution uses a browser extension, installed on the user's endpoint, to monitor and segregate web apps that are accessed through CyberArk Identity Single Sign-On (SSO).

Secure Web Sessions captures only SWS enabled applications, and ignores other tabs opened in the users browser window. End users are notified when a session begins recording, and when it ends. Secure Web Sessions captures all end user actions using a “stepper” approach. Specific actions, like mouse-clicks and “enter” or “tab” keystrokes, trigger a screenshot of the end users’ browser along with relevant metadata.

Screenshots are captured and encrypted at the endpoint by the Secure Web Sessions extension and are then only accessible by authorized Secure Web Sessions administrators and auditors with a customer-controlled encryption key. Encrypted recordings are streamed up to CyberArk SaaS for search and retrieval access by auditor or administrator.