Customers can now be created in a trial state via the API, automatically transitioning to a billable account once the trial period ends.

When using the POST /customers endpoint, setting "trial": true in the request body will create the customer in trial mode, enabling automated onboarding flows to be fully managed through the API from trial creation to active billing.

For environments using both SAML integration and the Teams feature, it is now possible to automatically assign admin users to DefensX Teams by mapping a SAML attribute.

This functionality is currently documented for Okta and Duo SAML integrations in the knowledge base: https://kb.defensx.com/docs/categories/62-Identity-Providers/topics/3ab53de4-fceb-4052-b273-7f02ac9d6794#_enabling_the_teams_mapping

When Teams Mapping is enabled, admin users’ team assignments are automatically updated on each login based on the teams defined in the configured SAML Identity Provider.

Category-based actions are now supported in both and

Previously available in Web Filtering, this capability is now extended to provide unified category-driven enforcement across additional inspection layers.

With this enhancement, administrators can:

• Define actions based on URL/Domain categories

• Improve policy precision and consistency

• Apply structured enforcement across credentials and files

This update enhances overall policy flexibility while keeping configuration straightforward.

Customer admins can restrict log access for all other stakeholders, including DefensX and MSP teams. Alternatively, they can limit access only for DefensX admins while still allowing MSP admins to view logs for troubleshooting purposes.

User group synchronization between your Identity Provider (IdP) and DefensX is now supported during SAML SSO login, for both new and existing users.

To enable this feature in the DefensX Backend, go to Settings → SAML SSO Integration and update the configuration:

Additionally, ensure that group claims are configured in your IdP so that user group information is included in the SAML SSO assertion.

DefensX now includes native Dynamic DNS (DDNS) provider capabilities, removing the need for third-party DDNS services.

Previously, you could assign dynamic hostnames from external DDNS providers as deployment IPs in the DefensX Backend. These hostnames were periodically resolved, and policy rules were automatically updated on DefensX Anycast servers.

With this update, you can now create and manage your own Dynamic DNS records directly within DefensX. All records are hosted under the subdomain, ensuring DNS-based policies stay aligned even when public IP addresses change.

For detailed setup instructions, see the Knowledge Base article on configuring DDNS in DefensX.

We've significantly improved the hostname search capabilities in log analysis, giving you more control and precision.

Examples of supported search behaviors:

This enhancement lets you easily switch between exact match, contains, and wildcard domain searches, making it faster and more intuitive to find what you’re looking for.

🔐 New Feature Release: Enhanced RBAC with Team-Based Access Control

We’re excited to announce the rollout of our Enhanced Role-Based Access Control (RBAC) — a powerful upgrade that gives Managed Service Providers (MSPs) and enterprise administrators greater control, clarity, and flexibility over access management across DefensX services.

🚀 What’s New?

✅ RBAC Teams

Admins can now organize their internal users (such as staff, engineers, and analysts) into Teams — enabling more precise delegation and streamlined control over customer accounts and operations.

✅ Granular Role Assignment

Assign predefined roles (e.g., View Only, Policy Editor, Billing, Full Admin) to individual team members — either globally or per-customer.

✅ Per-Customer Access Scoping

No more “all or nothing” access. With per-customer scoping, your staff can now be granted access only to the customers they manage — improving operational security and minimizing risks of accidental misconfiguration.

✅ Audit-Friendly Transparency

Each user’s permissions and access scopes are now fully traceable and easy to review — ideal for compliance and operational oversight.

⸻

📚 Learn More & Get Started

🔗 RBAC Teams Overview & Setup Guide

You can now specify , , and on the Service Tickets configuration screen for tickets created from DefensX.

These fields are optional and can be used to enable more advanced automation and streamline ticket management.

You can now search for a computer's hostname across all customers under your management through the Computer Search feature which you can find on Global Tools > Search at the partner level of DefensX Backend.

This is particularly valuable when;