Privilege Management for Windows & Mac

Integrations for Privilege Management for Windows & Mac

Requests to Run or Install Apps Go Directly to ServiceNow

The ServiceNow integration enables the submission of a ticket to the IT team, so that they can make an informed and expedited decision on the user’s request to run an application, installation, script, or task.

In the default configuration, when a user runs an application that you are targeting with the ServiceNow Rule Script, the user is presented with the option to raise an incident in ServiceNow or cancel the request. The ServiceNow ticket includes the caller, a short description, and a complete description that includes the program name, program publisher, program path, challenge code, and the business justification the end user provided.

Administrators can then take action on the incident in ServiceNow and supply the end user with a response code. The end user can then use the response code to 'unlock' the application, allowing it to run.

Collect Privilege Management Events in Splunk Enterprise

Splunk Enterprise can be used to capture and report on events from Privilege Management. You can collect BeyondTrust events in two different ways:

  • From your endpoints or from your Windows Event Collector node, using the Splunk Universal Forwarder. This approach is useful if you are collecting Windows event log events from multiple sources, including Privilege Management.
  • From the Privilege Management Reporting database, by importing events using Splunk DB Connect. With this approach you do not need to deploy further agents to your endpoints.

Integrate with BeyondTrust Password Safe

The integration of Privilege Management for Windows with our enterprise credential vaulting solution, Password Safe, enables a process for account password changes at any time and in any location, and is designed to overcome the limitations of network segmentation.

Local rotation of administrator and service accounts

For those Windows endpoints under Password Safe management that are not connected to the corporate network, Privilege Management for Windows introduces the ability to apply local account password rotations on behalf of Password Safe, via BeyondInsight. This use case helps organizations continue to manage credentials on endpoints for users who are working from remote locations.

Based on a configurable heartbeat, Privilege Management for Windows will check in with Password Safe to identify any account passwords that require rotation, apply the change, and verify that the change was successful.

“Run As” Password Safe User

Privilege Management for Windows also adds the ability to run and elevate specific applications using credentials managed and protected by Password Safe. When enabled, Privilege Management for Windows will check out a pre-defined credential at the point that an application is launched and pass the credential directly to the process.

This capability significantly extends the concept of just-in-time (JIT) privilege management by providing true hands-off access to service accounts, domain-level credentials, and other privileged credentials. This ensures that the credentials are only used as part of a specific task and only accessed at the point the task is executed.

For developers, sysadmins, and DevOps, this feature provides the security of vaulting those highly prized accounts and the convenience of performing tasks in the appropriate context without the need for manual intervention.