April 2025 Release notes - Conditional Access Policies

Support for conditional access policies

AuthNull now enables support for creating conditional access policies using the following conditions

• networks - select specific ip address ranges
• location - select specific country, city
• user risk - ability to target users given a risk score from 0-10. Risk computation is managed by AuthNull. Admins will have the ability to customize this soon.
• session risk - ability to target specific sessions within a given risk score from 0-10. Admins will have the ability to customize how this risk score is calculated soon.
• user behavioral analytics - admins can create policies based on UBA parameters trusted location, trusted device, trusted networks and more.
• mfa fail count, auth fail count - admins can create policies measuring how many times these events have occured and allow / disallow access of users to infrastructure when these events occur.
• timebound policy - enable timebound policies to provide just in time access, or time restricted access.