EFECTE PROVISIONING ENGINE RELEASE NOTES 2023.2.0 

Efecte Provisioning Engine is one of the Efecte Cloud components. It provides multiple different provisioning functions to Efecte solutions, build on top of Efecte Service Management Platform.

Executive summary 

Support for Event-based Custom script

This feature is used on the productized HR connector to write data from Efecte provisioning engine to HR systems. Data can be provisioned via custom script, event-based provisioning task, workflow and orchestration node.

New Efecte connector

The EPE 2023.2.0 release introduces capability to connect between Efecte ESMs via Efecte provisioning engine. EPE Administrators are able configure connection to another Efecte ESM using the EPE admin UI. Any data card can be provisioned to another ESM by using event-based provisioning task, workflow and orchestration node.

You can find the complete list of improvements and features included within the 2023.2 EPE release below.

EFECTE SECURE ACCESS RELEASE NOTES 2023.2.0

Efecte Secure Access (ESA) is an authentication component for the Efecte platform. ESA provides authentication & authorization capabilities to the Efecte platform, including Efecte Self-Service and Efecte Service Management.

Executive summary

New authentication method Yubico

This release introduces one new authentication method to the ESA product

• Support for Yubico yubikey 

ESA Administration features added 

We are excited to announce that ESA has been updated with new Administration features that allows ESA Admins to enable auditing of the Admin events and add consent approvals if needed when user logs into system. 

Example ESA Admin Events
When consent approval is enabled in ESA and user logs into Efecte the consent screen is displayed. After the consents are set you can display the user consents from ESA admin console. 

Example of one User's consents

Security improvements

Starting from 2023 Q2 Brute Force Detection is Enabled by default in ESA. A brute force attack attempts to guess a user’s password by trying to login multiple times. ESA has now brute force detection capabilities and can temporarily disable a user account if the number of login failures exceeds a specified threshold. By enabling the Brute Force detection in ESA, we can temporarily block the attackers trying to break into the system by disabling the users temporarily.  

Example Brute force settings in ESA

Also ESA Clickjacking protection settings are tuned. Clickjacking protection prevents an attacker from embedding a web page within an iframe and tricking the user into clicking on hidden or disguised buttons or links. 

You can find the complete list of improvements and fixes included within the 2023.2 ESA release below.