We’re rolling out powerful new capabilities in Netwrix 1Secure—including user-hosted data classification, seven new identity risks, and permission reporting for Windows File Servers (available in BETA). Be among the first to test this highly requested capability!
What’s New in 1Secure August 2025
User-Hosted Data Classification [Available in: DSPM, MSPs]
You can now host data classification components entirely in your own environment—meaning document content never leaves your network. To enable this:
- Download the classifier components via the Azure Marketplace
- Link them to 1Secure by sharing the SAS connection string and the classifier service URL
- Upon registration, the classifier will issue a certificate for accessing SharePoint Online
- Add this certificate to an app registration with appropriate access to your SharePoint tenant
Note: MIP label remediation is not currently supported with user-hosted classification.
BETA: Permission (State-in-Time) Reporting for Windows File Servers [Available in: DSPM, MSPs]
Three state-in-time and two risk permission reports now support Windows File Server data in addition to SharePoint Online, enhancing visibility across hybrid environments. These include:
- Direct Object Permissions (state)
- Direct User Permissions (state)
- High Risk Permissions (state)
- High Risk Permissions on Documents (risk)
- Stale Direct User Permissions (risk)
These reports provide rich context to help you maintain a secure, least-privilege model across your file infrastructure.
Available exclusively to members of the 1Secure BETA Program. To join, fill in this form or comment below.
Seven New Pingcastle Risks for Securing Your Identities [Available in: ITDR, MSPs]
We’ve expanded the risk assessment dashboard with seven new checks to strengthen your AD hygiene and resilience:
- Obsolete Windows Server 2012 Member Servers
- Obsolete Windows Server 2012 Domain Controllers
- OU Accidental Deletion Protection
- Admin Accounts with Email Access
- Weak TLS Protocols used by LDAPS
- Outdated Domain Functional Level (2012R2)
- Domain Controller RPC Coercion
Each of these risks is mapped to known attack paths and helps you close identity-related security gaps faster.
Bug Fixes and Miscellaneous Updates
| Category | Description | Case # |
|---|---|---|
| AI-based risk remediation | Remediation steps for ‘Empty Security Groups’ no longer lists System Critical groups and some non empty groups | 383945 |
| AI-based risk remediation | Administrative Groups remediation no longer attempts to remediate users | 383950 |
| SharePoint Online state-in-time | Additional fixes for SPO crawl tasks getting stuck at import | 394553 |
| Report views | Emails for report view subscriptions don’t include base report name | 395569 |
| Report views | Fixed issue where user would be unable to subscribe to reports with mandatory filters | 395496 |
| PingCastle | PingCastle risk data is now cleared when a PingCastle source is deleted | 390361 |
| Licensing | Computer source no longer shows in list for tenants with ITDR1 license | 396625 |
Need help with this update?
There are many different ways to get help with our products!
| Situation | Action |
|---|---|
| If you feel the product is broken and not working as intended… | Contact Support |
| If you have a question you’d like to ask other experts… | Create a discussion in the community: 1Secure > Discussions & Questions |
| If you have a feature request… | Let our product team know directly: 1Secure > Ideas |
| If you have something cool to show… | Show everyone what you built: 1Secure > Show & Tell |
What are your thoughts?
We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!