December 15, 2025 SaaS Alerts release notes
Fortify Action Processor 2.5.0
IMPORTANT This release requires additional permissions. Any existing Fortify organizations with auto-upgrade enabled will have the permission 'Policy.ReadWrite.AllowSelfServicePurchase' added automatically. Otherwise, the application will require a manual upgrade in order for recAction: Disable Self-service trials and purchases to apply.
IMPORTANT Alternative Mitigation templates: Any template tagged as "Alternative Mitigation" (case sensitive) will not implement the recActions; instead, it will dismiss them in favor of alternative mitigation.
IMPORTANT Require token protection for sign-in sessions conditional access policy: Additional supported applications have been scoped to this policy. If the action has been already applied, it will show as regressed due to missing applications, and it will need to be applied again.
Enhancements
-
Support new snapshot type: Anti-malware Threat Policies
-
Support new snapshot type: Safe Attachments Threat Policies
-
new custom recAction: Disable Self-service trials and purchases
-
Support new snapshot type: Safe Links Threat Policies
-
update recAction: fortify_tokenProtection (Require token protection for sign-in sessions conditional access policy)
-
custom recAction: Disable Teams Chat with Anyone
-
Intune device configuration snapshot: Support configuring groups in parameters, add parameter to create missing groups
-
Add Create Missing Group support to snapshot: Defender Anti-phishing Threat Policies
-
Add Create Missing Group support to snapshot: Conditional Access Policies
-
Alternative Mitigation Templates
-
Add Create Missing Group support to snapshot: Defender Anti-spam inbound/outbound Threat Policies
-
Add Create Missing Group support to snapshot: Defender Anti-malware Threat Policies
-
Add Create Missing Group support to snapshot: Defender Safe attachments Threat Policies
-
Add Create Missing Group support to snapshot: Defender Safe links Threat Policies
