Allow users to request to run an application, installation, script, or task by sending a ticket directly to ServiceNow.
Capture events from Privilege Management and report on them in Splunk Enterprise.
The ServiceNow integration enables the submission of a ticket to the IT team, so that they can make an informed and expedited decision on the user’s request to run an application, installation, script, or task.
In the default configuration, when a user runs an application that you are targeting with the ServiceNow Rule Script, the user is presented with the option to raise an incident in ServiceNow or cancel the request. The ServiceNow ticket includes the caller, a short description, and a complete description that includes the program name, program publisher, program path, challenge code, and the business justification the end user provided.
Administrators can then take action on the incident in ServiceNow and supply the end user with a response code. The end user can then use the response code to 'unlock' the application, allowing it to run.
Splunk Enterprise can be used to capture and report on events from Privilege Management. You can collect BeyondTrust events in two different ways:
The integration of Privilege Management for Windows with our enterprise credential vaulting solution, Password Safe, enables account password changes at any time and in any location, and is designed to overcome the limitations of network segmentation.
For those Windows endpoints under Password Safe management that are not connected to the corporate network, Privilege Management for Windows introduces the ability to apply local account password rotations on behalf of Password Safe, via BeyondInsight. This use case helps organizations continue to manage credentials on endpoints for users who are working from remote locations.
Based on a configurable heartbeat, PMW will check in with Password Safe to identify any account passwords that require rotation, apply the change, and verify that the change was successful.
Privilege Management for Windows also adds the ability to run and elevate specific applications using credentials managed and protected by Password Safe. When enabled, Privilege Management for Windows will check out a pre-defined credential at the point that an application is launched and pass the credential directly to the process.
This capability significantly extends the concept of JIT privilege management by providing true hands-off access to service accounts, domain level credentials, and other privileged credentials. This ensures that the credentials are only used as part of a specific task and only accessed at the point the task is executed.
For developers, sysadmins, and DevOps, this feature provides the security of vaulting those highly prized accounts and the convenience of performing tasks in the appropriate context without the need for manual intervention.