🔐 New Feature Release: Enhanced RBAC with Team-Based Access Control

We’re excited to announce the rollout of our Enhanced Role-Based Access Control (RBAC) — a powerful upgrade that gives Managed Service Providers (MSPs) and enterprise administrators greater control, clarity, and flexibility over access management across DefensX services.

🚀 What’s New?

✅ RBAC Teams

Admins can now organize their internal users (such as staff, engineers, and analysts) into Teams — enabling more precise delegation and streamlined control over customer accounts and operations.

✅ Granular Role Assignment

Assign predefined roles (e.g., View Only, Policy Editor, Billing, Full Admin) to individual team members — either globally or per-customer.

✅ Per-Customer Access Scoping

No more “all or nothing” access. With per-customer scoping, your staff can now be granted access only to the customers they manage — improving operational security and minimizing risks of accidental misconfiguration.

✅ Audit-Friendly Transparency

Each user’s permissions and access scopes are now fully traceable and easy to review — ideal for compliance and operational oversight.

⸻

📚 Learn More & Get Started

🔗 RBAC Teams Overview & Setup Guide

You can now specify , , and on the Service Tickets configuration screen for tickets created from DefensX.

These fields are optional and can be used to enable more advanced automation and streamline ticket management.

You can now search for a computer's hostname across all customers under your management through the Computer Search feature which you can find on Global Tools > Search at the partner level of DefensX Backend.

This is particularly valuable when;

The new Windows Agent v2.0.122 introduces the following improvements:

:

An issue that prevented installation of the previous MSI version on Windows Server 2012 builds has been resolved. The agent can now be successfully installed on this platform.

Some DNS caching servers (commonly found in certain cable and DSL modems) return DNS responses in a non-compliant format when an OPT field is present. Instead of placing the answer section immediately after the query section, they append OPT records first, followed by the actual answer.

With this update, the DefensX Agent now detects and correctly parses these malformed responses, ensuring reliable DNS resolution even in such environments.

A rare issue (impacting approximately 1 in 140,000 agents) could occur in environments with multiple WFP-based drivers. If a previous driver shutdown was not completed properly, it could cause instability during the shutdown of subsequent drivers.

The new version includes an additional protection mechanism to prevent this. Driver shutdown operations will now complete safely, regardless of other drivers’ behavior.

To make it easier and faster to set up new customers, we’ve introduced new API capabilities that let partners predefine security level and message template during customer creation.

We’ve added:

GET /message_templates – Lists available message templates

GET /policy_templates – Lists security level presets (e.g., Monitor Only, Basic, Standard, Strict, and partner’s own policy templates)

The POST /customers endpoint now supports:

message_template_id – Select a message template to customize end-user dialogs

policy_template_id – Select a policy template during onboarding

These changes make it easier to create customers via the Partner API and reduce manual configuration.

DefensX Custom Message Templates now use the Light Theme by default. This change ensures customer logos are displayed more clearly, as most logos are designed for white backgrounds. Partners can still customize templates as needed, but Light Theme will be the starting point going forward.

Added integration with Autotask to support automated ticketing and billing, simplifying workflows for MSPs.

For setup instructions, see the Knowledge Base Article

We’ve added support for Duo Single Sign-On (SSO) to enhance the security and flexibility of backend and admin portal access.

With this update:

• Admins can now authenticate via Duo SSO, aligning with enterprise identity policies.

• Seamless integration supports centralized access management and multi-factor authentication.

• Reduces login friction while maintaining strict access controls.

Learn more: Duo Integration Guide

You can now view which websites users accessed using your company’s email domain. This powerful visibility feature helps you:

In addition, the system now also lists all email domains used by your users when logging into different URLs, helping identify unmanaged or shadow IT behavior.

We’ve added support for enforcing

Previously, only the applied to all users globally. With this update, policies without user group assignments are now enforced globally, just like the Default Policy. When multiple such policies exist, they are applied in , with precedence given to the first matching policy in the list.

This improvement simplifies policy management for smaller organizations and environments without directory services, enabling broader and faster policy enforcement with fewer configuration steps.

All tenants immediately.