Version 2024.3 September
App Distribution
 Windows Package Manager (winget) support
Windows Package Manager (winget) support
                                            Access the large library of application installers in the Windows Package Manager repository to quickly create apps in the App Distribution app catalog. The apps are installed on Windows 10/11 devices using the Windows native winget application.
Learn more about Package manager.
 AWS S3 support, and the ability to upload files, added to the cloud storage explorer
AWS S3 support, and the ability to upload files, added to the cloud storage explorer
                                            The cloud storage explorer now supports AWS S3 as a storage source. The cloud storage explorer also allows users to upload files to AWS S3 or Azure blob storage.
Learn more about Cloud file explorer.
Patch Management
 Linux patch by severity
Linux patch by severity
                                            The ability to deploy Linux patches based on severity has been added.
Learn more about Configuration Behavior.
Connectors
 Deleting orphaned records
Deleting orphaned records
                                            You can now see connectors that have orphaned records in Ivanti Neurons. A banner on the Connectors page will alert you if any orphaned records exist and allow you to wipe these records from Ivanti Neurons. Learn more about Connectors.
Version 2024.3 August
External Attack Surface Management
 PDF Report generation
PDF Report generation
                                            This new feature allows you to generate PDF reports for any selected seed domain. This report includes all the assets and exposures discovered through the selected seed. You can request this detailed report and download it once ready.
Learn more about generating reports.
 Asset Criticality
Asset Criticality
                                            You can now change the business criticality for any asset. All discovered assets are given a ‘3- Medium’ criticality by default, but based on its business context you can change the criticality from a scale of 1 through 5.
Learn more about asset criticality.
 Quick Filters
Quick Filters
                                            A Quick Filters section is now available on top of the data grid for assets and exposures. This helps you to apply filters easily with just a click. This has limited but very useful filters such as Seed assets, Ransomware, Exploits, etc.
 Blocklisting domains
Blocklisting domains
                                            A new API allows administrators to blocklist certain domains such as sensitive government websites, competition websites, and so on from generating EASM data or reports.
Learn more about managing the seed blocklist.
Patch Management
 Deploy by Risk – Windows
Deploy by Risk – Windows
                                            Keeping up with the frequency of patch releases is challenging. To better manage the continuous release of updates from vendors, the Patch Settings have been expanded to include three tasks that can be configured in parallel. The Routine Maintenance task manages your typical update cycle including OS updates and any other applications that often require a reboot. The Priority Updates task manages more frequently released applications that often do not require a reboot such as browsers on a weekly or more frequent basis. Finally, the Zero-day Response task focuses on very specific updates approved for immediate remediation when deemed necessary.
Learn more about Creating a Custom Patch Configuration.
 Filter Microsoft Preview Patches
Filter Microsoft Preview Patches
                                            Microsoft Preview Patches release at the end of the month and include bug fixes and feature enhancements. This Preview patch is the source of many a known issue, so most admins want to avoid that. We are giving you an simple toggle to ignore these Preview patches entirely.
Learn more about Creating a Custom Patch Configuration.
Platform
 New permissions for Access Control
New permissions for Access Control
                                            Two new permissions have been implemented for Access Control:
- 
                                                        Delete Device: Assigning this permission to a member will give them the ability to delete a device from the Devices view. Any member without this permission will not be able to delete a device and the delete button will be hidden. 
 This permission can be found under the Global Actions permissions.
- 
                                                        Create & Modify Public Device Groups: Assigning this permission to a member will allow them to create, edit and delete a public group. Any member without this permission will not be able to edit public groups. 
 This permission can be found under the Devices permissions.
Learn more about Access Control.
Version 2024.3 July
Edge Intelligence
 Edge Intelligence Settings
Edge Intelligence Settings
                                            A new section has been added that enables you to manage Edge Intelligence configurations related to location tracking as well as monitoring specific metrics on endpoints. These configurations must be applied to endpoints using Agent Policies, when you enable the Edge Intelligence capability. Multiple configurations can be created and assigned to differentiate settings among endpoints.
Learn more about Edge Intelligence Settings.
 Edge Intelligence Monitoring
Edge Intelligence Monitoring
                                            It is now possible to monitor various device metrics on endpoints. Metrics such as CPU utilization, memory usage, disk space, battery health and location history can be enabled individually via the Edge Intelligence settings section. This configuration can be applied to some or all of the endpoints in your environment using Agent Policies. Once enabled you can request the historical data via the Edge Intelligence UI. Please see the info bullet next to the metric for details on where to find the data.
Learn more about Edge Intelligence Monitoring.
 New query: Removable storage devices
New query: Removable storage devices
                                            You can now review which devices have removable storage connected, including media inserted into built-in and USB card readers. You can access this query via the suggestions page or by using the search.
 New query: Ivanti Application Control (hybrid) Overview
New query: Ivanti Application Control (hybrid) Overview
                                            New overview sensors have been introduced when navigating between the Ivanti Application Control Events Summary and Details sensors. These overview sensors aggregate the application control event count per product name, version and vendor.
 Query enhancement: Ivanti Application Control (hybrid) Denied Executables Details
Query enhancement: Ivanti Application Control (hybrid) Denied Executables Details
                                            An additional property “File Owner” has been added to the query results. This enables you to identify the file owner, for example when a file is blocked due to untrusted ownership.
Neurons Bots
 Queue bot run for offline devices
Queue bot run for offline devices
                                            In both Healing and Workspace it is now possible at the time of triggering a bot to either follow current behavior of targeting only devices that are currently online, or alternatively additionally queue the bot against offline devices in scope to run after they next come back online – this is great for running one time remediations, getting more results for an email report, or simplifying bot logic without needing repetition control for a bot containing a human interaction like a survey for example.
 Custom Actions: Support for People view
Custom Actions: Support for People view
                                            It is now possible to publish bots to the people view/people list view – stay tuned for additional action stages to increase the breadth of remediation possibilities.
Learn more about custom actions for People view.
 New Stage content
New Stage content
                                            The following new stages have been added:
- Crash dumps summary: This query stage returns a summary of crash dumps found on your endpoints.
- Crash dumps details: This query stage returns details of crash dumps found on your endpoints.
- Unexpected Shutdowns stage: This stage replaces Blue screen crashes stage and can be configured to ignore certain bug codes.
- App State stage: This query stage now returns the Username and Install Type and can be configured to filter on a Username.
 New templates
New templates
                                            A number of new templates have been made available to increase the out-of-the-box experience and showcase the latest technologies in the platform.
App Distribution
 Target devices using device and security groups from the AD and Entra ID connectors
Target devices using device and security groups from the AD and Entra ID connectors
                                            The device and security groups that are imported by the AD and Entra ID connectors are available to select for group targeting.
 Wait action added as a new action
Wait action added as a new action
                                            A new action was added which allows you to create a “wait” during the package execution process. It is configurable in seconds.
Learn more about Package actions.
 Export data from Deployment Status page
Export data from Deployment Status page
                                            You can select one or more devices in the Deployment Status page and export the information in the grid to a csv file.
 Other enhancements
Other enhancements
                                            - Each list view window now has a column chooser option and columns can be moved to different locations by dragging.
- In the download action, the filename is now displayed under the URL edit field, to make it easier to see the name of the file associated with the URL.
- Added a Modifed Date column to the Distribution list view.
- Added support for .msp files in the MSI action.
Patch for Intune
 Patch Available or Patch Required Assignments
Patch Available or Patch Required Assignments
                                            Microsoft Intune allows you only one or the other option: Available shows in the company portal for user self service, and Required enables updating after installation. Rather than publish twice to manage both experiences, Ivanti Neurons Patch for Intune enables you to publish to both experiences in the same step.
Learn more about configuring the management of a product.
 Major Version Approval
Major Version Approval
                                            Automatically publishing minor versions is low risk and admins are comfortable letting that happen automatically. However, major versions may require additional approval. The option to not upgrade to the next major version has been added to allow more control over version upgrades.
Learn more about configuring the management of a product.
 Automatic Cleanup of Previous Versions
Automatic Cleanup of Previous Versions
                                            Some products release new versions frequently, so deleting older versions of these products can become time consuming. For products such as these, you can now enable the automatic cleanup of old versions as part of the configuration.
Learn more about Automatic Cleanup of Previous Versions.
Patch Management
 Compliance Reporting – Filter by Device Group
Compliance Reporting – Filter by Device Group
                                            Device Groups have been added to Compliance Reporting making it easier to manage which systems are represented in each report.
Learn more about Compliance Reporting.
 Archive/Delete Patch Configurations and Compliance Reports Enhancements
Archive/Delete Patch Configurations and Compliance Reports Enhancements
                                            Expanded RBAC permissions, audit entries included when Compliance Report or Patch Settings are deleted, and the option to delete Patch Settings that have been archived have all been added.
 Linux Deploy by Package Support
Linux Deploy by Package Support
                                            The initial experience for Linux was to scan for all updates and deploy all updates. To enable more granular control of what gets deployed, you can now select specific packages or advisories. More capabilities to deploy by Severity and other options to control deployment will be coming in later releases.
Platform
 Agents > Agent Deployment > Deploy From
Agents > Agent Deployment > Deploy From
                                            It is now possible to select an Automatic option when configuring which device, that contains a deployment engine, to deploy agents from. Previously, it was only possible to select a single device to deploy from, which meant if the subnet on which the target devices were located was not reachable, agent deployment could fail. By selecting Automatic, the Neurons platform now automatically decides the best placed device to deploy agents from.
 Dashboard Designer
Dashboard Designer
                                            The following features have been introduced:
- People dataset
- Line chart
- Drill to detail
- Download chart data to Excel
- Share dashboards via email
 App Switcher
App Switcher
                                            The App Switcher  located in the toolbar, enables easy product discovery and provides a unified navigation experience across Ivanti Neurons for Unified Endpoint Management (UEM) and Ivanti Neurons for Modern Device Management (MDM).
 located in the toolbar, enables easy product discovery and provides a unified navigation experience across Ivanti Neurons for Unified Endpoint Management (UEM) and Ivanti Neurons for Modern Device Management (MDM).
 Import a list of devices from a file
Import a list of devices from a file
                                            You can now import a list of devices from the create device static group. This is a CSV formatted file that allows you to quickly add devices to the device list.
Learn more about Importing devices to a static group.