Privilege Management for Windows and Mac: Integrations

An intelligent, preventative endpoint security approach that stops malware and phishing attacks on Windows & Mac.

ServiceNow

For customers who use ServiceNow to manage IT-related tickets, a BeyondTrust Privilege Management for Windows & Mac integration allows end users to submit requests for approval directly into a ServiceNow ticket. ServiceNow technicians can then directly respond to end users from within the ticket for approval or denial.

This integration not only allows end users to easily ask for elevation of applications and privileges for exception handling, but also streamlines the privilege approval process for service desk technicians.

A BeyondTrust Privilege Management for Windows & Mac + ServiceNow integration provides the following capabilities:

  • Ability to leverage ServiceNow ticket creation with fully customizable messaging to the end user.
  • User submission of a ServiceNow Change Request or Incident, which includes information about the user, environment, application/task, and level of privilege required by the application/task.
  • Ability for ServiceNow ITSM pros to respond to tickets via the click of an "Approve" or "Deny" button.
  • Automatic creation of a permanent overriding rule on the originating endpoint (for the end user who made the request), which automatically overrides any existing policy rule.
  • Ability to revoke previously made decisions via the originating ServiceNow ticket.

SIEM

Splunk, AAD Sentinel, QRadar, and more

A SIEM integration with Privilege Management for Windows & Mac is configured directly in your SIEM instance of choice. These integrations give technicians and analysts the ability to forward all endpoint audit event data and console activity audit data directly to the SIEM for further analysis and event correlation.

VirusTotal

Whether you are reviewing the applications being installed and accessed by your users, handling exception requests, or performing security audits on your endpoint estate, reputation plays a vital role in establishing the risk associated with unknown apps and processes.

BeyondTrust Privilege Management for Windows & Mac Cloud includes Reputation Analytics and Reporting, a simplified method of checking for and validating the reputation of any application or process that has been audited on endpoints managed with Privilege Management Cloud.

Leveraging the powerful VirusTotal database, this feature removes the burden of having to run manual checks on apps. Using your own VirusTotal Premium subscription, scores are pulled directly into the Privilege Management Cloud platform, persisted alongside other application and environment metadata. This provides data for quick and secure decision-making on whether to allow or block unknown apps or exceptions that fall outside of corporate policies.

MFA Integrations

Identity Providers (Azure AD, Okta, YubiKey, Ping Identity, and more)

BeyondTrust Privilege Management for Windows and Mac enables the integration of End User Messages with any identity provider (IdP) that supports OpenID Connect (OIDC). As a more secure and more user-friendly alternative to passwords, it brings the familiarity, simplicity, and flexibility usually associated with web-based identity products to Windows and Mac.

Adopting the widely used OIDC protocol means that customers can leverage their existing IdP infrastructure and apply multi-factor authentication (MFA) for users operating in higher flex roles, such as developers who need more privileges than other departments.

The MFA feature is highly configurable and can be combined with the other existing types of authentication offered by BeyondTrust to ensure that usability is balanced with security. This additional layer of security for privileged applications ensures the user is validated with an additional factor.

YubiKeys or Smartcards

Enterprises that use YubiKeys or Smartcards—forms of Personal Identity Verification (PIV)—to provide an added layer of authentication for Mac users can now take advantage of YubiKey and Smartcard support in end user messaging, functioning as an alternative to traditional password prompts.

Password Safe

The integration of BeyondTrust Privilege Management for Windows with BeyondTrust’s enterprise credential vaulting solution, Password Safe, enables organizations to seamlessly solve two challenging use cases, while unlocking many other synergies for customers. Here are two capabilities you can leverage when Privilege Management for Windows is used alongside Password Safe:

1. Local Rotation of Administrator and Service Accounts

For Windows endpoints under Password Safe management that are not connected to the corporate network, Privilege Management for Windows introduces the ability to apply local account password rotations on behalf of Password Safe via BeyondInsight.

This allows organizations to continue to manage credentials on endpoints for users who are working from remote locations. Based on a configurable heartbeat, Privilege Management for Windows will check in with Password Safe to identify any account passwords that require rotation, apply the change, and verify that the change was successful.

2. “Run As” Password Safe User

Privilege Management for Windows 5.7 provides the ability to run and elevate specific applications using credentials managed and protected by Password Safe. When enabled, Privilege Management for Windows will check out a pre-defined credential at the point that an application is launched and pass the credential directly to the process.

This capability significantly extends the concept of JIT privilege management by providing hands-off access to service accounts, domain level credentials, and other privileged credentials. This ensures that credentials are only used as part of specific tasks, and only accessed at the point the task is executed.

For developers, sysadmins, and DevOps, this feature provides the security of vaulting priority accounts and the convenience of performing tasks in the appropriate context—without the need for manual intervention.

Azure Active Directory (AD)

Organizations are increasingly using Azure Active Directory (AD) over on-premises AD as more workloads are shifted to the cloud. Full Azure AD Account filtering support for the Cloud version ensures policies can be accurately targeted to end users on Windows machines, with the use of Azure Active Directory-only user groups.