Community Announcements - Page 2

IdentityIQ

This vulnerability can and should be immediately mitigated by introducing a JVM system property to the application server environment that is hosting IdentityIQ.

Detailed information on action needed can be located here: https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerabil...

File Access Manager

This vulnerability can and should be immediately mitigated by updating the log4j library in the Elasticsearch instance that is part of the File Access Manager deployment as documented in the content for the CVE referenced above.

Detailed information on action needed can be located here: https://community.sailpoint.com/t5/File-Access-Manager-Blog/File-Access-Manager-log4j-Remote-Code-Ex...

SailPoint SaaS Services Response to log4j Remote Code Execution Vulnerability

The critical vulnerability announced yesterday in the log4j library used in several SailPoint SaaS solutions (IdentityNow and IdentityAI) being tracked by CVE-2021-44228 has been mitigated in all SailPoint SaaS environments. All SailPoint SaaS services are now safe from the log4j exploit. 

Stay up to date on all the community announcements and updates here: https://community.sailpoint.com/t5/Community-Announcements/bg-p/community-announcements

IdentityNow/IdentityAI:

log4j Remote Code Execution Vulnerability


SailPoint SaaS Services Response to log4j Remote Code Execution Vulnerability

Earlier today, a critical vulnerability in the log4j library used in several SailPoint SaaS solutions (IdentityNow and IdentityAI) was announced and is being tracked by CVE-2021-44228.

SailPoint is actively tracking this vulnerability and has implemented mitigating controls in our SaaS edge services. Teams are actively working to complete additional mitigations and remediations associated with on-premise services. Estimated completion for internal services is tomorrow, Dec 11th.

Cloud Access Manager:

log4j Remote Code Execution Vulnerability

Earlier today, a critical vulnerability in the log4j library was announced and is being tracked by CVE-2021-44228.

SailPoint has investigated this critical severity vulnerability and has determined that the CAM environments, which do not use the log4j library, are not impacted by this vulnerability.

The entire SailPoint team is available to answer any question you may have about this vulnerability. If you have questions, please contact your Customer Success Manager, Engagement Manager, or Partner Manager.

SaaS Management:

log4j Remote Code Execution Vulnerability

Earlier today, a critical vulnerability in the log4j library was announced and is being tracked by CVE-2021-44228.

SailPoint has investigated this critical severity vulnerability and has determined that the SaaS Management environments, which do not use the log4j library, are not impacted by this vulnerability.

The entire SailPoint team is available to answer any question you may have about this vulnerability. If you have questions, please contact your Customer Success Manager, Engagement Manager, or Partner Manager.

Access Risk Management:

log4j Remote Code Execution Vulnerability

Earlier today, a critical vulnerability in the log4j library was announced and is being tracked by CVE-2021-44228.

SailPoint has investigated this critical severity vulnerability and has determined that the ARM environments, which do not use the log4j library, are not impacted by this vulnerability.

The entire SailPoint team is available to answer any question you may have about this vulnerability. If you have questions, please contact your Customer Success Manager, Engagement Manager, or Partner Manager.

This issue is now resolved. We have confirmed that all services are operational. Please reach out to SailPoint Support for assistance if you are experiencing any further issues with your tenants.

We are experiencing an issue with our cloud provider disrupting our SaaS services.  We are monitoring the situation and working closely with our cloud provider to recover our services as soon as possible.

Please visit status.sailpoint.com for the latest updates or contact SailPoint support if you have any questions or concerns.

SailPoint single access is live! After signing in through single access, click "sign in" on any of the other portals and you will automatically be logged in. Get started today by learning how to sign in for the first time.

The following websites are available through single access, with more to come soon: 

• Compass
• Developer Portal
• Ideas Portal
• Identity University
• Support Portal
• Developer Ideas

If you have any issues, please reach out to the team at login-help@sailpoint.com. Note that the new login does not include your IdentityNow account. Check out the Guide and FAQ for more information.

Single access to all of SailPoint's websites launches on October 15! There will be downtime on Friday, October 15, from 5 - 11 p.m. Central Standard Time for Compass and Identity University. You will not be able to sign in during the update window, but you can still browse content that does not require signing in.

The following sites will be available through SailPoint single access, with more to come soon:

• Compass
• Developer Portal
• Ideas Portal
• Identity University
• Support Portal
• Developer Ideas

Learn how to sign in for the first time with single access and subscribe to Compass Announcements to receive a notification when the feature goes live. Please note that the new login does not include your IdentityNow account. Check out the Guide and FAQ for more information.

Please join us in welcoming, Skipper, our new automated chat bot! You can find Skipper hanging out at the bottom right-hand side of all pages and is here to provide you yet another way to gain assistance.

Skipper is a little shy at first but the more you interact, the better it gets!

If you have any questions, please reach out to compass-help@sailpoint.com.

The Compass Team will conduct platform maintenance on TODAY, August 16, from 9 - 11 p.m. central standard time. There will be a possible downtime of 30 minutes during this time-frame.

If you encounter any issues with your account after the maintenance window, please try logging out and logging back in. For any errors that don't resolve, reach out to us at compass-help@sailpoint.com for troubleshooting.

On July 13, 2021, Microsoft made the following announcement: “Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group operating out of China, based on observed victimology, tactics, and procedures.”

SailPoint does not use SolarWinds products or services and is not impacted by the vulnerability outlined above. If you have any further questions please reach out to your sales team or Customer Success Manager. If you are not sure who to contact, please send an email to compass-help@sailpoint.com and we will connect you with your representative.

Between 800 and 1,500 businesses around the world have been affected by a ransomware attack centered on U.S. information technology firm Kaseya, its chief executive said on Monday.

SailPoint does not use Kaseya’s products or services and is not impacted by the July 2 Supply-Chain Ransomware attack. In addition, our 3^rd party Threat Hunting service has confirmed to have found no indication that the activity outlined in the discussed research has affected our organization.

If you have any further questions please reach out to your sales team or Customer Success Manager. If you are not sure who to contact, please send an email to compass-help@sailpoint.com and we will connect you with your representative. 

Hi All!

For the second year in row, SailPoint has received Gartner’s ‘Customers’ Choice’ designation for the Identity Governance & Administration (IGA) market and inclusion in the Voice of the Customer Report for IGA. We’re proud and thrilled to be recognized as a preferred identity security company and wouldn’t be where we are today without you.

So, thank you – thank you for your partnership, your dedication to identity security, your drive for innovation and using your voice to share that to those of you that reviewed and rated us. We’re proud to be on this journey with you, testing the limits of what we can achieve together. Your success is our success, and these moments of celebration are a reminder of where we started 15 years ago, and how this community and industry has grown to what it is today.

Check out the 2021 ‘Voice of the Customer’ report based on Gartner Peer Insights IGA market reviews. If you want to make sure your voice is heard, leave us a review!

Meredith Blanchar

SVP, Customer Success

The user interface for private messages has been updated. The new design includes threaded messages for a more streamlined view, and search capabilities so you can search your inbox.

Keep reading for a quick overview about the new version of private messages. 

Click Search and type in a query to look through your messages. Select the green pen and paper icon to compose a new message. 

Navigate to the Options menu above the search bar to view overall inbox options. 

Toggle between Inbox for all messages, and Sent for sent messages, by selecting the dropdown icon on "Inbox".

Change how you interact with the sender - Ignore User or Add Friend - by going to the Options menu to next to the trashcan icon. The trashcan icon is to delete messages. 

Report messages to a moderator by selecting the options menu within the message and clicking on Report To Moderator. 

The updated How To: Private Messages tutorial is coming soon! In that tutorial we will take a closer look at the features available. If you have any questions, feedback, or errors with the Private Messages interface update please reach out to the team at compass-help@sailpoint.com. 

The updated Compass navigation is now live! The new menu might feel familiar because it uses the same styling from SailPoint's main site.

The links that appear in the menu are dependent on: 

• Your logged in/ logged out status
• If you are partner or customer 
• What type of product you own

SaaS and software information, as well as downloads and integrations, can be found under the Products tab. 

Resources is where you will find community shortcuts, network opportunities, the customer newsletter and recommended community pages. 

Under Community is where you go to ask a question in the forum, subscribe to a blog, check out the product wikis, submit an idea and more. 

Head over to Support for new customer and partner resources, the Support Portal, training through Identity University, developer information and links for partners. 

The updated menu incorporates links from the community and other SailPoint websites. We placed icon identifiers next to any outbound link, so you know when you are leaving the community. Note that some of these sites may require that you register or login. 

The final change is the way messages and notifications appear. A red dot will show next to your profile image when you have a message. Click on your profile to expand the menu, and select the bell for notifications or the envelope for private messages. 

This is a big shift from the previous version! The goal is to make it easier for you to find community pages and links to other SailPoint portals. If you have any questions or feedback, please reach out to the team at compass-help@sailpoint.com. 

The new community search is live! With federated search you can retrieve results from Compass, Identity University, the SaaS document sites and Support Portal.

The new search is capable of:

• Exact phrase searching
• Auto-suggestions as you type
• Serving similar searches for more results
• Two different views (list and grid)
• A preview panel that opens within the search results page
• Granularity through a variety of scoping options

The new search engine’s algorithm will learn what is relevant and prioritize results over time. Take a closer look at the new search capabilities, and if you have any suggestions or feedback regarding the results please send us a message at compass-help@sailpoint.com.

Well, we are certainly off to a busy and exciting start to 2021 at SailPoint as I’m reconnecting with each of you to share some more exciting news.

Yesterday we closed on another acquisition – this time with a company called ERP Maestro which is a SaaS governance, risk and compliance (GRC) solution. With ERP Maestro, SailPoint will unite identity security with ERP Maestro’s Separation-of-Duty (SoD) controls monitoring for your organizations’ most critical applications, like SAP. This will provide an integrated approach for effective identity security controls and SoD oversight.  This type of oversight is critical spot and stop risks posed by potential insider SoD conflicts before they become a crisis of fraud or breach of sensitive data.

ERP Maestro brings an experienced team with a rich heritage in ERP-focused audit and compliance.  Tapping their deep domain expertise combined with our comprehensive approach to managing and securing workforce access across all critical business systems and applications makes for a natural pairing, one that will help to shut down the siloed approach that many companies typically find themselves in – managing SoD monitoring and controls for sensitive business systems separately from their identity security program. By uniting the two, we’ll soon be able to help you reduce and eliminate gaps in visibility across the entirety of your workers’ access needs across all applications and data.

We’ll be sharing much more about this product and our integration approach in the coming weeks, but for now you can find more information in this press release.

We look forward to bringing new value to you through this acquisition as well as the recent acquisition of Intello as we help you continue to navigate your identity journey with SailPoint.

Take care,

Meredith

Search is about to get a major update. Based on your feedback we are implementing a new search page and more features to help you find what you’re looking for.

With federated search you will be able to find content from SailPoint’s ecosystem for customers and partners. At launch that will include the Community, Identity University, the document web pages and Support Portal - with more sites to be added soon.

Search Features:

• Auto-suggestions of content as you search.
• Multiple ways to filter results into areas that are relevant to you. That includes the ability to filter by labels and tags!
• Preview panel to show you the page without having to click the link.
• Advanced options like search with exact phrase.  
• List and grid views.
• An improved algorithm that learns what is relevant and prioritizes results over time.

You may notice some small menu changes as well. We are exposing more sub-categories and boards in the navigational structure as we work on updates. The team is transitioning to a new menu arrangement that will highlight key sections and pages of the community. Make sure you are subscribed to the Community Announcements blog! A separate post will go out the closer we get to launching the new menu. 

We want to hear from you! If you have any questions about this update please reach out at compass-help@sailpoint.com.

Delivering on our vision to embed identity into the cloud enterprise’s digital fabric, SailPoint announced additional extensibility functionality to our platform. SailPoint also introduced the new SailPoint Developer Community to help developers move quickly and with less effort.

The new extensibility features, coupled with the SailPoint Developer Community, enables you to infuse the SailPoint Identity platform’s core functionalities within your workflows, reducing integration development from months to days or even hours. This allows the opportunity to make identity security decisions with greater ease, creating workflows that fit within your company’s existing business processes and infrastructure. For example, when an identity change occurs, administrators are automatically notified via a collaboration tool like Slack or Microsoft Teams to take action. There is no longer a need to schedule frequent reviews in other systems to identify and make important identity decisions as workforce access needs evolve to meet business demands.

For additional information on this exciting news, please see the following press release and blog.

As we kick-off 2021, I have some exciting news to share from SailPoint! 

Today we closed on an exciting acquisition of Intello, a SaaS application management platform that helps customers get their arms around the massive amount of SaaS app sprawl happening across businesses. With Intello, our customers can easily discover and manage all of their SaaS applications, even uncovering those outside of IT’s purview.

This acquisition addresses a major security challenge for businesses that has become increasingly more complex and impactful with this massive shift to remote working. The notion of “Shadow Access,” or the growing lack of visibility into what SaaS apps exist across the business and who, or what, has access to them, represents a major area of risk to most businesses today.

With Intello, we’ll soon be able to help you quickly discover, control access, track usage, and enforce security policies for all SaaS applications across your business. Intello is complementary to our already robust suite of products and once fully integrated, will provide you with a seamless process of discovery through governance of all of SaaS applications in your ecosystem.

We’ll be sharing much more about this product and our integration approach in the coming weeks, but for now you can find more information in this press release.

This is a very exciting acquisition for us and one that furthers our commitment of enabling our customers to protect their businesses at scale. 

As always, thank you for being our valued customer.

Take care,

Meredith Blanchar

SVP, Customer Success

We are excited to announce that the new portal for ideas and voting goes live Friday, February 12.

The team is currently at work moving forum topics with the idea tag into the current idea exchange and preparing posts to migrate to the new portal. Ideas will still be attributed to the original submitter; however, followers will need to re-subscribe to their saved ideas after the migration.

Idea Portal features include:

• Search and vote for an existing idea or add your own.
• Subscribe to an idea and receive a notification when the status changes.
• Quick response times from the SailPoint team.
• Enhanced transparency. Not all ideas will be selected for development but all ideas will be responded to with a status update and comments.

Keep an eye on your inbox! Later this week Compass users will receive an invitation for the new portal. Please note that this is a separate portal, it is not a part of Compass. Users who do not receive an invitation can still register by visiting the portal after it goes live.

For questions about the Idea Portal contact idea-help@sailpoint.com. 

The Compass Team will conduct platform maintenance on Monday, February 8, from 4:30 - 8:30 a.m. central standard time. There will be no downtime for this event. 

If you encounter any issues with your account after the maintenance window, please try logging out and logging back in. For any errors that don't resolve, reach out to us at compass-help@sailpoint.com for troubleshooting. 

Visit the SaaS Platform landing page to access the IdentityNow, AI Services (formerly IdentityAI) and Cloud Governance product guides and the SaaS Updates blog.

We've left these options in the menu, under the SaaS Platform landing page, to help users transition to the new page. 

You can read a detailed breakdown about the changes in this Community Announcement post. Please update your bookmarks and subscriptions as needed. 

A quick note about the updates - during the process the team moved content from one blog to another. You may have received several notifications from the community for the posts that were migrated. The team is aware of this issue and we apologize for the inconvenience! We are researching ways to improve this process so that unnecessary notifications don't go out to subscribed users.  

If you have any concerns or questions please reach out to the team at compass-help@sailpoint.com.

IdentityNow, IdentityAI and Cloud Governance landing pages are being replaced with one SaaS Platform landing page for all SaaS products. 

On Tuesday, November 17, we are launching a single landing page experience for our SaaS solutions and blog. These changes will make it easier to find guides based on the SaaS capability that you are implementing.

Community members should still go to the IdentityNow wiki and IdentityNow forum for SaaS community support.

Make sure you review and update your bookmarks and subscriptions after the launch of the new page! 

Current State - 

Future State - IdentityNow, AI Services and Cloud Governance links in the menu will redirect to the new SaaS Platform landing page.

Preview of the new SaaS Platform landing page - 

Please note that we are also migrating the content from the blogs listed below to the SaaS Updates blog. The old blogs will be removed.  

• IdentityAI Blog 
• Cloud Governance Blog

If you have any questions or feedback about this update you can reach out to the team at compass-help@sailpoint.com.

View the new Connectivity Updates blog in Compass! Visit Connectivity Updates and click on the Options menu to Subscribe. 

The blog link can also be found on the Connector Directory landing page. 

All past posts with the "Connectivity Updates" label were migrated to the new blog. If you follow IdentityNow Updates, you can read more about the change here.

Update: This issue is resolved. PDF attachment previews are working again. If you are still encountering an error, please reach out to us at compass-help@sailpoint.com. 

Original post below: 

Users have reported an issue with previewing attached PDFs on posts. When you click the PDF to view it, this screen appears - 

We are currently researching this issue. The team will update this blog post once the error has been resolved. As a workaround, you can download the PDF to view on your device. 

If you have any questions or would like to report an issue, please contact us at compass-help@sailpoint.com. Thank you! 

Update: This issue is resolved. Users should be receiving emails from the community again. If you are still encountering errors, please reach out to us at compass-help@sailpoint.com. 

Users have reported an issue with emails not being sent from the Community.

This impacts:

• All users who normally receive emails from Compass
• Users who are trying to register, but don't receive their verification email
• Users who initiate the forgotten username and password flow
• Those who are subscribed to threads and boards to receive updates via email
• It may also affect private message alerts, if you've enabled those to push to your inbox

We are working with our community vendor to resolve the issue and will update this blog entry as soon as the problem is fixed.

We apologize for the inconvenience. We know how critical Compass emails may be to your workflow. Please reach out to us at compass-help@sailpoint.com so we can assist as much as we can in the interim. 

We have made some changes to the Training section of the community. You can now find all training materials under the Identity University menu. 

Click on Identity University from the main menu for a quick overview of what courses are offered, and to learn how to register for a university account. Please note that users are required to have a Compass account before registering for an Identity University Account. 

Select the Certification Program from the submenu to learn more about the SailPoint Certified Identity Professional Program. 

Update your subscriptions and bookmarks to the new Identity University Blog, which covers news and announcements related to training, e-learning and the certification program. 

Update your subscriptions and bookmarks to the new Identity University knowledge bases! These knowledge bases were created so that some of the documentation could be easily linked to and viewed without having to register for Compass. 

Private, requires Compass account to view: Identity University Documents 

Public, does not require Compass account to view: Identity University Training Resources

If you have any questions or feedback about these updates please reach out to the Community Team at compass-help@sailpoint.com. 

We published a significant update to the home page today! Get all of the details on what was updated in the previous announcement.  We also updated the Events page, to include a section for Upcoming Events and an Events Archive.

Upcoming Events has posts categorized by region, to make it easier for you to see relevant registration information. 

The Events Archive categorizes events by type. You can select the series that interests you and browse through past recordings. 

Tip: You can subscribe to a series and be notified about upcoming events and webinars by visiting the page and clicking Options > Subscribe.

Example -

Click on Office Hours in the Events Archive. 

Click Options to expand the menu and then click Subscribe. 

Have questions or feedback regarding this update? Please reach out to the team at compass-help@sailpoint.com.

The Compass Team is redesigning the Home Page to highlight the most recent and the most popular information from the community. Please note that the screenshots is this blog post are for informational purposes only and may differ slightly from the final design.

The new home page will include a list of Recent Topics from the forums, as well as quick links for Support, Expert Services, Identity University and Developer documents.

There will also be an Events feed that pulls in posts from the User Group Events and webinar blogs, and a new component, Latest News, that will feature the latest updates from the Community Announcements blog.

Along the bottom of the page, users will be able to read the most popular articles from the product knowledge bases. 

The home page changes are planned to take place soon, so keep an eye out for those updates! If you have any questions or feedback once the updates are live, please write us at compass-help@sailpoint.com. 

Search update: You can now filter your search results by labels. 

Find relevant articles and posts by clicking on Labels to constrain your results. You can select more than one label. 

To remove a filter, just click on the x next to the filter you wish to remove. 

Please note that this filter only works for labels, not tags. This enhancement will make it easier for you to filter results to the types of topics that you are searching for. The Compass Team will continue to bring more search improvements to the community to make it easier for users to find the information that matters most!