IBM Security Verify Access helps organizations securely manage user access and protect applications against fraudulent and unauthorized access. It operates across web, mobile, and enterprise infrastructure, including network access and Windows and Unix servers.

The 10.0.8 release marks the eighth maintenance release on the v10 platform and delivers the following updates and enhancements:

Verify Access Platform

• Configuration Container
  Provides a secure, lightweight environment for system configuration, enhancing flexibility and security in enterprise container settings. This feature allows for operation without advanced Kubernetes security contexts, speeds up boot times, and improves system supportability.
• Reverse Proxy OIDC Relying Party Proof Key for Code Exchange (PKCE)
  Strengthens security in the authorization code flow by supporting PKCE, reducing the risk of interception.
• OIDC SSO authentication to the Local Management Interface
  Facilitates secure and streamlined logins to the Local Management Interface using external OIDC 2.0 compliant identity providers.
• Audit, Logging, and Compliance Enhancement
  • Auditing records for command line actions
    Increases transparency and compliance by automatically logging every command line action to the system event log.
  • WebSEAL request log directives
    Allows the inclusion of environment variable values in WebSEAL request logs, improving the granularity and usefulness of audit trails for security and compliance monitoring.
  • Auditing filter
    Enables selective exclusion of events from auditing logs, allowing for more targeted and efficient log management while maintaining compliance with relevant standards.
• Serviceability Enhancements
  • Global tracing web service and CLI
    Offers administrators the ability to retrieve a comprehensive list of the current tracing status for all components, enhancing diagnostics and troubleshooting capabilities.
  • SFTP access to support files
    Facilitates secure, remote retrieval of support files via SFTP, providing convenient access for administrators to obtain necessary diagnostics and support data.
  • Snapshot manager
    Enhances system maintenance capabilities by allowing for the management of container snapshots, including viewing in JSON format and deletion functionalities to optimize storage and system performance.
  • Container administrator password
    Improves security and administrative ease by allowing environment-based control over administrator password changes, facilitating secure and manageable container operations.
  • Kerberos keytab management
    Facilitates secure authentication processes by enabling the export of Kerberos keytab files, previously only importable.

Advanced Access Control (AAC) & Federation

• Authentication Policy Import
  Simplifies policy management by allowing the import of authentication policies via bundle files, accelerating deployment and updates across multiple deployments.
• Managing the runtime server
  Offers direct control over server operations through AAC settings, enabling administrators to effectively manage runtime parameters.
• Passkey metadata
  Gives administrators visibility into Passkey metadata usage, enhancing security measures and policy enforcement.

• OTP and SMS Enhancements
  • OTP Enrollment Mechanism
    Introduces a new method for users to enroll in TOTP or HOTP during policy execution, including validation before completion.
  • OTP Policy Configuration
    Extends the configurability of TOTP, HOTP, and MAC OTP mechanisms with new template-level properties and updated policy-level settings, increasing flexibility and control over authentication processes.
  • SMS Gateway Server Connection
    Allows for shared SMS gateway configurations between authentication policies, streamlining setup of SMS-based authentication.