icon-itdr.svg
ITDR

Release Upgrade Summary (2023)

This article provides a summary of all new features and enhancements for Zscaler ITDR. To see scheduled maintenance updates for your cloud, visit the Trust Portal.


The following service updates were deployed to illusionblack.com on the following dates.

November 02, 2023
August 31, 2023
  • Feature Available
    • Active Directory Attack Detection

      You can create a Windows landmine policy and configure the ITDR - Active Directory (AD) attack detection module to detect credential misuse, entitlement exposures, and privilege escalation activities against AD via the Landmine Agent.

      To learn more, see Creating a Landmine Policy and Configuring ITDR - Active Directory.

    • Identity Posture - Active Directory

      The Identity Posture - Active Directory feature enables organizations to protect privileged identities, such as Active Directory (AD) domains that are at a high risk of exploitation and regulatory noncompliance. It helps you to detect attacks, such as DYSync, DCShadow, Kerberoast, etc., and disrupt privilege escalation and lateral movement threats with decoy users and computers.

      Scan Active Directory Domains

      You can scan AD domains via a Microsoft Windows landmine agent to discover identity vulnerabilities, such as AS-REP roasting and kerberoasting attacks.

      To learn more, see About Scan Agents and Scanning an Active Directory.

      Identity Posture - Active Directory Dashboard

      After your AD domains are scanned, the results are available on the Identity Posture - Active Directory dashboard. The dashboard displays the top vulnerability issues by severity, affected users and computers, risk analysis with issues categorized by percentage, issues mapped on the MITRE ATT&CK kill chain, etc. You can interactively drill down to a specific issue and analyze it.

      On the dashboard, you can view active changes detected in your AD that provide near real-time visibility of new misconfigurations and security risks introduced.

      The dashboard displays remediation steps that you can take to maintain the security posture of your AD infrastructure. You can also view and download the vulnerability reports.

      To learn more, see About the Identity Posture - Active Directory Dashboard.

      Issue and Object Safelist

      After your AD domain is scanned, the vulnerability issues and objects (AD user accounts and computers) are listed on the Focus Area page. You can review these issues and objects to confirm that the vulnerability is not a risk and mark them as safe. The issues and objects marked as safe are listed on the Issue Safelist and Object Safelist pages.

      To learn more, see Adding a Vulnerability Issue to the Safelist and Viewing and Managing Issue Safelist.

      To learn more, see Adding an Active Directory Object to the Safelist and Viewing and Managing Active Directory Object Safelist.

      ITDR - Change Detection

      The ITDR - Change Detection feature improves the security posture of an Active Directory (AD) environment. It provides near real-time visibility into new misconfigurations and security risks introduced to your AD.

      To learn more, see About ITDR - Change Detection.

Related Articles
Release Upgrade Summary (2025)Release Upgrade Summary (2024)Release Upgrade Summary (2023)