BeyondTrust Introduces Azure Sentinel SIEM Integration, Management API & macOS Monterey Support

The latest release of Privilege Management for Windows and Mac delivers new support and integrations to bring more seamless, granular control over Windows and Mac devices. The release also features new integrations and compatibility upgrades that enable Privilege Management Cloud to protect the necessary use of privilege in cloud environments, identity and access management (IAM) systems, and cloud-native application program interfaces (APIs).

Key capabilities with this new release include Azure Sentinel SIEM Integration, Management API, and Native Support for macOS Monterey and M1. Our customers will benefit from more efficient and streamlined workflows between endpoints, while also ensuring faster policy implementation and improved access controls and auditing.

Please see the release notes here, or read on for more highlights from this release.

Azure Sentinel SIEM Integration

With the release of Privilege Management Cloud, our customers can now configure a direct integration from the BeyondTrust solution to your Microsoft Azure Sentinel SIEM instance. This integration enables customers to forward all endpoint audit event data and console activity audit data to their Azure Sentinel SIEM.

Reduced Policy Poll Time

This release improves the workflow between Privilege Management Cloud and computers, reducing the poll time for policy to about 5 minutes. Endpoints will also be able to automatically download new and revised policies significantly faster.

Management API – Groups & Computers

Users of the Privilege Management Cloud API can now retrieve data about Computers and Groups, including logs, as well as make changes to the computer state.

The following capabilities have been added to the PM Cloud API:

Computers

Retrieve Computer List
Retrieve Computer Detail
Request Computer Logs
Get Computer Logs
Download Computer Log
Get Computer Command Log List
Deactivate Computers
Delete Computers
Authorize Computers
Retrieve Computer Status Info
Reject Computers
Renew Certificate for Computers

Groups

Retrieve Group List
Retrieve Group Detail
Create Groups
Modify Groups
Delete Groups
Mark Group as Default
Assign Computers to Group
Assign Policy Revision to Group
Clear Policy from Group

Policies

Retrieve Policy List
Retrieve Policy Detail

macOS Monterey Support

Support for macOS Monterey ensures compatibility with the latest macOS from Apple, macOS Monterey. Customers can update to Monterey, with Privilege Management for Mac being supported.

Native M1 Support for Mac

Customers on Mac M1 no longer need to rely on Rosetta 2, a translation layer that allows software configured to run on Intel architecture to run on the new M1 Macs. This benefits customers because they are no longer required to ensure Rosetta 2 is present on M1 Macs for Privilege Management for Mac to function.

Other Enhancements

Privilege Management Cloud Force Policy Update is now available for Mac
Trusted Application Protection configuration is now available in the Privilege Management Cloud Web Policy Editor
ServiceNow ticket update checks now happen more dynamically, without relying on a poll with Privilege Management Cloud
Added support for running Privilege Management Cloud Adapters as Local System on Windows
Improved Password Safe integration by simplifying configuration of mixed Privilege Management Cloud and on-premises deployment

About BeyondTrust Privilege Management for Windows & Mac

BeyondTrust Privilege Management for Windows & Mac pairs powerful least privilege management and pragmatic application control capabilities, delivering fast, unmatched preventative endpoint security. Grant the right privilege to the right application – not user – only when needed, and create a single audit trail.

Some benefits and key differentiators for BeyondTrust Privilege Management for Windows & Mac include:

QuickStart Templates: Implement least privilege policies in days with flexible, out-of-the-box workstyle templates.
Trusted Application Protection: Stop attacks involving trusted applications and catch bad scripts and infected email attachments. Immediately stop trojan horses, fileless attacks, and more with pre-built templates.
Pragmatic Application Control: Get control over what users can install or run back into the safe hands of IT, with automated exception handling. This helps eliminate malware and ransomware threats.
Passwordless Administration: Perform administrative functions on an endpoint—without the need for privileged or administrator credentials. This eliminates the biggest and most prized attack vector sought by threat actors: passwords.
Out-of-the box integrations: Integrate Privilege Management for Windows and Mac with your other solutions, including ServiceNow, VirusTotal, and Multi-Factor authentication providers.
Open Integrations Framework: Utilize PowerShell scripts with Power Rules to automate workflows, create custom behaviors, or build integrations with ITSM solutions and other tools.
Enterprise Auditing and Reporting: Provide a single audit trail of all user activity to streamline forensics and simplify compliance, using graphical dashboards and reports for quick access.

Learn more about Privilege Management for Windows and Mac, or view a demo here.