Skip to main content

· One min read
Browser Support

We're excited to announce that XFA now fully supports Brave and Safari browsers, expanding our compatibility to provide a seamless experience across more platforms. Previously, Brave was supported through our extension, but this is no longer necessary. Both browsers are now supported by the latest version of our desktop application.

This expansion ensures that users can access XFA's security features regardless of their preferred browser choice.

· One min read

New security check: Device restart verification

Device Restart

We've introduced a new security feature that verifies if a device has been restarted recently. This check helps ensure that the device is in a clean state and hasn't been compromised.

Why this matters:

  • Clear potential malware and exploits
  • Complete security updates and patches
  • Reset network connections to prevent unauthorized access
  • Eliminate memory leaks that could lead to vulnerabilities

You can now enforce users to restart their device if it detects that the device hasn't been restarted for an extended period, helping maintain optimal security conditions. Do you want to know more about why you should enforce this check? Check out our blog post.

· One min read

🔐 Biometric authentication now mandatory

Biometrics

To enhance security, XFA now makes it possible to require biometric authentication (fingerprint or face recognition) for all sensitive operations. This ensures that only authorized users can access protected features.

Key changes:

  • Enforce biometric authentication for all sensitive operations
  • Support for both fingerprint and face recognition
  • Seamless integration with device security features

This mandatory biometric authentication adds an extra layer of security to ensure that only the rightful owner of the device can access sensitive information and perform critical operations.

Go to the policies page to enable this feature.

· One min read

XFA now identifies potential vulnerabilities on your devices.

Vulnerabilities

We’ve introduced an easy way to see which high and critical vulnerabilities your devices might be exposed to. Right at the top of your dashboard, you’ll find three components that organize potential threats into clear categories:

  1. Data Breach
  2. Ransomware
  3. Phishing

By clicking on any of these categories, you can see exactly which devices are affected. This makes it easier to prioritize and address security risks before they escalate.

Why it matters

  • Protect sensitive information – Unaddressed vulnerabilities can lead to unauthorized access or data leaks.
  • Stay ahead of ransomware – Outdated systems are prime targets for malicious attacks.
  • Prevent phishing attempts – Recognize and mitigate exposure points to keep users safe.

Next steps

  • Review each category at the top of your dashboard to see potential vulnerabilities.
  • Identify affected devices and request that your employees or colleagues update their devices.

Have questions or feedback? Our support team is here to help.

· One min read

📱 XFA now identifies if your mobile phone is rooted or jailbroken.

Vulnerabilities

To ensure the security and integrity of our application, we now check if a mobile device is rooted, jailbroken, or has developer mode enabled.

These checks are important because:

  • Rooted or jailbroken devices remove built-in security restrictions, making them more vulnerable to malware, data breaches, and unauthorized modifications.
  • Developer mode can expose sensitive debug information and enable actions that bypass security mechanisms.

· One min read
Desktop Application

We've released our new Desktop Application for macOS and Windows. This application will replace the web extension and provide a more seamless experience for users.

The XFA Desktop Application allows dekstop devices to communicate with the XFA service and serves as a critical tool for maintaining device compliance, managing multi-factor authentication (MFA), and controlling data sharing with organizations.

info

Note: Users can uninstall their browser extension, except for Brave users who should keep it installed.

More info.

· One min read

Discovery

You can now link your Okta account to XFA to discover all your devices and ensure compliance. XFA reads authentication logs and derives the devices used by each user from these logs. This will lead to a full overview of all discovered devices without verified information.

Get started in the XFA Dashboard under Discovery.

· One min read

Awareness scoping

In the Awareness tab, you can configure which devices and groups receive awareness emails. Before you can configure which emails to send and the frequency, you need to define the scope for the devices and groups that will receive these emails.

Scoping Options

When setting up the scope, you can choose between:

  1. All Devices: Emails will be sent to all discovered or enforeced devices within your organization.

  2. Limited Scope: Fine-tune which devices and users receive emails by configuring the following options:

    • Ignore Managed Devices: Exclude devices managed by your IT team from receiving emails.
    • Ignore Desktop Devices: Exclude desktop devices from receiving emails.
    • Ignore Mobile Devices: Exclude mobile devices from receiving emails.

    If your organization has completed a discovery integration (e.g., with Google Workspace, Microsoft, or Okta), you can also configure group-based scoping:

    • Groups: Select specific groups to receive emails. These groups are managed within the integration application (e.g., Google Workspace Admin Console).
note

Scoping must be configured before selecting the email types and frequency.

Learn more about scoping.

· One min read

Notifications

You can now choose which notifications you want to receive. We may still send you important information about your account outside of your notification settings.

Manage your notifications.

· One min read

Policy versions

You can now accept beta versions or major versions on your policy. This will allow you to have more flexibility when enforcing security rules for your organization’s devices. This is only possible on the OS version or the browser version for now.

Learn more about Policies.