Spring (Q2) 2025 Release

Secret Server on Platform

Azure Key Vault (AKV) Integration (in GA): Streamline secret and Non-Human Identity management with native integration to Azure Key Vault. This enhancement enables centralized secret updates, supports frequent rotation, and enforces governance with fine-grained roles, permissions, and full audit logging. Learn more about this capability here.

Continuous Identity Discovery (CID)

Active Directory (AD) Support for CID (in GA): CID now supports Active Directory environments. Key features include:

  • Discovery of privileged users (including admin, shadow, and other elevated accounts) through ACL-based permission analysis

  • Enhanced AD visibility with the ability to view and filter directory data for easier investigation and management

  • Learn more about this capability here.

Identity Threat Protection (ITP) and Privilege Control for Cloud Entitlements (PCCE)

Google Cloud Platform (GCP) support for ITP (in GA): You can now integrate GCP with the Delinea Platform (ITP) to extend identity-centric security across your Google environment. This integration enhances access management and helps secure privileged identities by providing visibility into the following:

  • GCP Role Refactor - Identify unused permissions within GCP roles to help you move toward a least privilege model.

  • GCP Shadow Admin Check - detect shadow admins, non admin users with the ability to escalate their access to administrative

  • Identify Non-Vaulted Accounts - Gain visibility into privileged, admin, and shadow accounts that aren't properly vaulted.

  • Non-Rotated Access Keys - Identify and address non-rotated keys to ensure your security practices align with best practices for key management.

  • Visibility – Identify and query users' access in workspace admin directory and GCP to explore their access per project

  • Learn more about this capability here.

Account MFA Factors (in GA): Organizations often struggle with limited visibility into the Multi-Factor Authentication (MFA) factors enabled across their cloud environments. With the general availability of Account MFA Factors, customers can now gain insights into the MFA methods enabled and their security level, quickly identifying high-risk users with weak authentication factors. Learn more about this update here.

Analytics

Analytics Now (in Public Preview): Analytics provides deeper visibility into user behavior and risk, helping organizations strengthen their security posture. Key features include the following:

  • Real-time risk scoring based on behavior and authentication threats

  • Detection of anomalies and behavioral changes

  • Near real-time threat investigation and response

  • Customizable risk parameters to reduce false alerts and align with your policies

  • Learn more about this new service here.

Identity Lifecycle Management (ILM)

Identity Lifecycle Management (ILM) (in Private Preview): ILM streamlines the entire user identity lifecycle—from onboarding to offboarding—by dynamically adjusting access as roles evolve. Key features include the following:

  • Automated Joiner-Mover-Leaver Processes: Seamlessly create and manage identities, provision access at onboarding, and adjust or revoke access as users change roles or exit.

  • Security & Compliance: Built on the cloud-native Delinea Platform, ILM leverages real-time identity and access context to detect risk, enforce policies, and manage access automatically.

  • Intuitive Workflow Design: Easily configure lifecycle workflows with a no-code, drag-and-drop interface—no custom coding required.

  • Learn more about this new service here.

Privileged Remote Access (PRA)

PRA Workloads (in GA): PRA capabilities are now available through a unified deployment on the Delinea Platform Engine, with centralized management via the Engine Management interface. This is supported on both Windows and Linux. As part of this change, PRA no longer supports the creation of new Sites or the installation of new Engines for standalone PRA engine. Tenants requiring new Sites or Engines must now use Platform Sites and deploy Platform Engines with PRA capabilities. Note that previously deployed PRA sites and standalone engines will continue to function normally but will not be updated to support new functionality on the future roadmap. Learn more about this new capability here.

Connection Manager (CM)

Connection Manager 2.6 Release

  • External Browser MFA for Secrets: This update extends external browser-based MFA to protect access to secrets, adding a new layer of security through the Delinea Platform. Previously, this MFA method only supported platform login.

  • Fullscreen Display Support for macOS: Users on macOS can now enjoy a more seamless and native full screen experience in CM, enhancing overall usability.

  • New SSH Terminal for macOS: A redesigned SSH terminal delivers improved performance, user experience, and convenience for macOS users.

  • More updates and enhancements are detailed in these release notes.

Connection Manager 2.6.1 Release

  • This release addressed a couple bug fixes and their related improvements. See release notes for additional details.

Inventory

Permissions on Collections (in Public Preview): You can now assign granular permissions to computer collections, allowing precise control over which computers end users can view and interact with. This new capability currently supports computer collections, with plans to extend to additional asset types in the future. This update also introduces a new permission specifically for launching access with Privileged Remote Access (PRA), along with UX enhancements to streamline the setup and management of these permissions. Learn more about this new capability here.

Identity and Federation

Non-Interactive Service User Option (in GA): To help customers enforce the intended use of service users—automation, not interactive access—we’ve introduced a new non-interactive option in identity policies. When enabled, this setting prevents service users from logging in through the UI, reducing the risk of misuse and strengthening overall security. Interactive login remains available when needed, but customers now have full control over how service users can access the platform. Learn more about this update here.

Engine Management

Enhanced Web Proxy Support for Deployments (in GA): This update addresses issues where restrictive web proxy settings block configuration file downloads, leading to deployment failures. We've introduced improved proxy handling across Engine binary download, configuration file retrieval and engine service communication. Learn more about these updates here.

Marketplace and Integrations

View Configured Integrations: Added the ability to view all configured integrations, providing greater transparency and easier management. Learn more about this update here.

Download Center UX Improvements: Improved usability in the Download Center for a more streamlined and intuitive experience. Learn more about the Download Center here.

New and Updated Integrations:

  • CrowdStrike Falcon Fusion SOAR Integration GA

  • Addition of GitGuardian Scout Integrations for Delinea Platform GA

  • Keyfactor Control Integration GA

  • Avantra AIOPs for SAP for Delinea Platform GA

  • RabbitMQ Helper 12.1.0

  • Oracle JDBC Proxy Driver to support Delinea Platform

  • Rapid7 InsightVM with Delinea Platform

  • Integration with ConnectWise Screen Connect V4.0 to support Delinea Platform

  • External Secrets K8 Integration

  • Utimaco support for u.trust General Purpose HSM Se-Series

Other Updates

United Arab Emirates (UAE) databoundary availability: Customers with data residency requirements in the UAE and neighboring regions can now deploy the Delinea Platform and Secret Server Cloud within the UAE. This new regional deployment offers reduced latency and enhanced performance for customers in this region. Learn more about regional availability here.

Delinea Platform Mobile App: Vaulting capabilities are now available in the Delinea Platform Mobile app, expanding on the existing mobile features to deliver a more complete, end-to-end experience for users managing the platform on the go. This update empowers users with greater control and flexibility, even when away from their workstation.

  • Create and edit Secrets directly from the mobile app

  • Complete security workflows on the move

  • Access vaulted credentials securely from your mobile device

Improved Grid Filter Persistence for Seamless Task Switching: We've made it easier to pick up where you left off. Full-page grids can now remember your filter settings between sessions, reducing time spent reapplying filters when returning to previous tasks. Turn on the “Remember filter values” option under User Preferences in Platform to start using this feature.

Secret Icons for a More Intuitive Experience: Icons can now be associated with Secret Templates to make it easier for users to visually identify and interact with different types of secrets. Learn more about this update here.

Performance and Resiliency Enhancements for Policy Propagation: Several improvements added to ensure smoother and more reliable policy propagation for Privilege Control for servers, especially in environments with a high volume of policies. Key updates include the following:

  • Enhanced resiliency for Command Relay under load

  • Optimizations to messaging queue handling for better throughput and stability

  • Improved processing efficiency for collections, reducing latency and improving scalability