Want the full details? Click the link below!

Because this is a full architectural rebuild and not a standard installer update, getting set up looks a little different. Reach out to your account manager or email us to get started.

What’s New in the new Netwrix Access Analyzer

Coverage across the environments that matter most

The new Access Analyzer supports Active Directory, Entra ID, Windows File Servers, NetApp, Dell EMC and SharePoint Online, each with purpose-built reports for access permissions, sensitive data, and identity insights. Whether you’re auditing on-premises file shares, mapping permissions across your Microsoft 365 tenant, or trying to get a coherent view of who can reach what across hybrid infrastructure — the data is there, structured, and ready without custom work.

data risk1130×830 44.1 KB

Microsoft Copilot Readiness Assessment and Activity Visibility

The new Access Analyzer gives you two things most organizations are missing before and after a Copilot rollout.

Copilot Readiness Assessment surfaces the data exposure risks Copilot could reach before it reaches them such as open shares, overpermissioned content. Know what you’re exposing before you flip the switch.

Copilot Activity Monitoring gives you visibility into what Copilot is actually accessing once it’s deployed, broken down by interaction type, user, and activity over time across M365 Copilot, Copilot for Security, and Copilot Studio.

image (3)967×883 78.2 KB

In a single view you can see total event volume, which users are most active, and what content they’re touching — all inside your infrastructure, with no data leaving your environment.

Real-Time Activity Monitoring

Access Analyzer now delivers real-time activity monitoring, so your security team sees what’s happening now and can take appropriate action.

Note: Real-time activity monitoring requires Netwrix Activity Monitor 10.0.

MIP Labeling and Validation

The new Access Analyzer reads existing Microsoft Information Protection labels applied to your file server and SharePoint Online content, compares them against what it finds during a sensitive data scan, and automatically corrects labels that were applied incorrectly.

This works in both directions — under-labeled sensitive files get upgraded, over-labeled non-sensitive files get corrected. You can configure label mapping rules per Source Group, so different environments can have different mapping logic.

Additionally, MIP label mapping is now configurable from within the sensitive data settings UI — define how detected data patterns map to your MIP label taxonomy directly in the product. Once configured, the correct label is applied automatically when a pattern is matched during a scan.

labeling782×900 78.4 KB

Edge Scanning

For environments with OT networks, DMZs, or strict east-west traffic controls — Edge Scanning lets Access Analyzer reach data sources without requiring direct connectivity from the core platform and without firewall changes.
You deploy a lightweight Edge Scanner agent in the same network segment as your sources. The agent handles collection locally and communicates outbound over a secure tunnel. A guided wizard handles deployment and registration. Edge Scanner tokens support automatic rotation, audit logging, and revocation.

image (3)2535×782 90.9 KB

Major Enhancements

Guided Source Setup

Connecting a new data source now follows a three-step wizard — credentials, connection testing, and scan configuration in a single flow. Setup persists to the database, not browser state, so it’s resumable if you need to step away. Covered in this release: Active Directory, Entra ID, File Server, and SharePoint Online.

Source Group Management

Source Groups let you manage multiple related data sources under a shared service account and scan configuration. Configure once, run independently, view together. The Scans page shows status at the group level alongside per-source detail — reducing credential sprawl and maintenance overhead across complex environments.

connect sources21315×652 52.8 KB

Streamlined Administration

Everything in the new Access Analyzer is managed from the browser, no remote server login required. Every capability is API-accessible, so your team can build automation, integrate with existing security tools, and power AI-driven workflows without stepping outside the platform.

image (3)543×466 17.5 KB

Improved Reporting

The new Access Analyzer replaces SQL-based outputs with Metabase — an embedded analytics layer that gives security stakeholders dynamic dashboards and significantly easier report customization. Reports that previously required SQL knowledge can now be built and modified directly in the UI.

A new unified analytical schema normalizes data across all connected sources, enabling cross-source queries and reports that treat Active Directory, File Server, and SharePoint Online as a single coherent dataset.

Join Us Live — Webinar: What’s New in Access Analyzer

We’re hosting a live session on May 14. We’ll walk through everything in this release, demo the key capabilities, and take your questions live.

Date and Time: 2026-05-14T14:00:00Z

Register here

If you can’t attend live, register anyway and we’ll send you the recording.

Support for your current version

Whether you’re running Access Analyzer v11.6 or v12, your current version remains fully supported. The new Access Analyzer is available to you now — reach out to your account manager or email us.

Need help with this update?

There are many different ways to get help with our products!

What are your thoughts?

We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!