What's New

Administrators can now enforce an additional layer of protection for sensitive web applications by monitoring footsteps taken by the end user during their sensitive web session. The feature protects against unauthorized access if the authenticated user leaves their computer unattended while the sensitive web session is left open on the endpoint and exposed.

The current release is available with CyberArk Mobile on iOS only.

For more details about this solution, see Continuous Authentication with the CyberArk Mobile app

For details on how to enforce continuous authentication with the pedometer lock, see Configure Continuous Authentication with the CyberArk Mobile app

New users of the CyberArk Mobile app, who are assigned an application that is protected by Continuous Authentication, can now have their trusted mobile device joined to SWS during the first application access QR, requiring no separate onboarding steps or invitations.

SWS now supports EPM integration with EPM tenants that use the new policies management UI.

For details, see Configure EPM integration with Session Protection

Additional actions are now included in the Session Recording details when triggered during protected sessions. The new events are:

• Session locked by - Pedometer lock

• Session locked by - Idle Timeout

• Session resumed by - CyberArk Identity MFA

• Session resumed by - CyberArk Mobile App

CyberArk Identity Secure Web Sessions can now enter into Business Associate Agreements (BAA) with US based healthcare customers requiring adherence to the Health Insurance Portability and Accountability Act (HIPAA). This confirms that CyberArk meets or exceeds all regulations and US legal requirements regarding the use, disclosure, and safeguarding of individually identifiable health information – that may be recorded, captured or otherwise saved in the Secure Web Sessions service. For more information, see https://www.cyberark.com/trust/hipaa-compliance/

Secure Web Sessions now exposes REST API's, which enables management and visibility of SWS users, application policies, and activities. This allows for integration with external systems for reporting of policies and management console activities. Additional API's are on the way soon. For more information, see Using the Secure Web Sessions APIs.

Added recommendation to add CyberArk Identity custom application domains to step recording exclude list. For more information, see Configure step recording settings

Administrators and Auditors now have the ability to flag events or sessions that are of interest to them, and afterward filter their view based on these flags. This allows customers to refer back to interesting or reviewed suspicious events at a later date without needing to search again.

For more information, see Flag session recordings and steps.

Our team is constantly reviewing and taking feedback to improve Secure Web Sessions. This release includes the following minor improvements:

• Ability to sort recorded sessions by number of steps

• Timeframe and filters remain visible while scrolling through activities

• When viewing session details, the username now appears before the start-time in the header

Each week we aim to release new improvements and bug fixes during our set maintenance window (3:30 EST - 6:00 EST (8:30 UTC - 11:00 UTC). When new features are announced, they will be included here.

This weeks release includes bug fixes and minor improvements.

Administrators can now configure and enforce additional protections on their user's web-applications. This release provides the ability to enforce protection against unauthorized application access, allowing organizations to re-authenticate users under special circumstances when using high-risk applications. Continuous Authentication offers protections via integration with CyberArk Identity multi-factor authentication (MFA) or via CyberArk Mobile QR code.

For more information about Continuous Authentication, see What is Continuous Authentication?

For information about configuring Continuous Authentication, see Configure Continuous Authentication with MFA.

We have improved the auditor experience for viewing specific session recordings. Higher resolution screenshots, mouse and keyboard directional commands for moving between steps, and better navigation to find and go-to specific steps, all help improve the experience and effectiveness for the SWS Auditor.

Each week we aim to release new improvements and bug fixes during our set maintenance window (3:30 EST - 6:00 EST (8:30 UTC - 11:00 UTC). When new features are announced, they will be included here.

This weeks release includes bug fixes and minor improvements.

SWS administrators can view a history of activities that have been performed in the Secure Web Sessions management portal. For more information, see Monitor activities.

Browser restrictions were optimized with the addition of preventing access to the right-click context menu, as well as multiple improvements.

Each week we aim to release new improvements and bug fixes during our set maintenance window (3:30 EST - 6:00 EST (8:30 UTC - 11:00 UTC). When new features are announced, they will be included here.

This weeks release includes bug fixes and minor improvements.

Administrators can now configure and enforce additional protections on their users web-applications. This release provides the ability to enforce restrictions on clipboard / drag&drop as well as restrictions on performing downloads from protected applications. As with SWS Step Recording layer - these protections are only implemented on the protected application tabs for the user leaving clipboard / drag&drop or downloads still fully functional for users in other non-protected applications. Lastly, the user will see an OS notification whenever a user action is prevented by SWS protections letting them know that the block was intended by their Administrator. For more information, see Session Protection with SWS browser extension

Integration with CyberArk EPM via SWS Session Protection is now available for client level protections. Customers can now integrate SWS and CyberArk's Endpoint Privilege Manager (EPM). With this integration we are providing a set of chrome browser protection policies which can be imported into EPM and enabled on your client devices. These protection policies also include the ability for the SWS extension and EPM agent to communicate and thereby validate EPM protection during the SWS Security Layer Validation stage of a user login to a protected web-application from CyberArk Identity SSO. For more information, see Session Protection with CyberArk EPM integration.

This release of the SWS extension provides the ability to export logs via the SWS extension for better supportability and troubleshooting of both SWS extension browser level actions as well as SWS-EPM integration actions. For more information, see Deploy the browser extension.

Improvements were made to the performance of search suggestions and filter functionality in the SWS portal.

Each week we aim to release new improvements and bug fixes during our set maintenance window (3:30 EST - 6:00 EST (8:30 UTC - 11:00 UTC). When new features are announced, they will be included here.

This weeks release includes bug fixes and minor improvements.

Secure Web Sessions can record and monitor screenshots of all actions taken by specific end users within protected web applications. The solution uses a browser extension, installed on the user's endpoint, to monitor and segregate web apps that are accessed through CyberArk Identity Single Sign-On (SSO).

Secure Web Sessions captures only SWS enabled applications, and ignores other tabs opened in the users browser window. End users are notified when a session begins recording, and when it ends. Secure Web Sessions captures all end user actions using a “stepper” approach. Specific actions, like mouse-clicks and “enter” or “tab” keystrokes, trigger a screenshot of the end users’ browser along with relevant metadata.

Screenshots are captured and encrypted at the endpoint by the Secure Web Sessions extension and are then only accessible by authorized Secure Web Sessions administrators and auditors with a customer-controlled encryption key. Encrypted recordings are streamed up to CyberArk SaaS for search and retrieval access by auditor or administrator.