New Features for PowerBroker Auditing & Security Suite

Audit Event Translation

PowerBroker Auditor has always provided rich details about audited activity. With the 5.0 release, each audit event has been provided a translation which enables less technical users to understand what activity has occurred while still maintaining all the advanced details system administrators require. Audit activity still follows the traditional what, who, when, and where of changes but is now enhanced with intelligent data that explains what has occurred. See the screenshot below for audit event translation details on the right-hand side of the screen. doc-pbas-event-translation The framework for event translation is extensible to enable organizations to customize and adapt when internal application with customer schema extensions require translation.

Enhanced Auditing for PowerBroker for Windows

PowerBroker for Windows customers that utilize Group Policy for pushing least privilege policies to their users requested additional auditing for those policies. Given the distributed nature of Group Policy, organizations needed a real-time, centralized view into the 4 W’s of changes – as well as the ability to alert on those changes. Any change to a PowerBroker for Windows policy is captured with details of the pre and post value. Please see the screenshot below for a representation of this functionality. PowerBroker for Windows Auditing

This added functionality is available to PowerBroker for Windows customers at no additional cost and provides a seamless upgrade as you decide to expand your Active Directory auditing requirements.

Redesigned Web User Interface

Organizations are continually transitioning away from traditional desktop applications in favor of web applications. The benefit this transition provides is that users do not need to go through desktop teams for cross-application compatibility with existing software and images. PowerBroker Auditing & Security Suite version 5.0 introduces enhancements to the web application focused on simplifying the user experience and making it function more like the desktop application. Many of the capabilities added with this release take advantage of the changes to audit event translation, which makes finding an understanding audit activity easier. A few of these enhancements include the following. Intelligent searching – An overhaul to the ‘what’ in the 4 W’s of changes (who, what, when, and where) criteria now allows customers to filter what they are searching for based on a user-friendly description of the change activity. See the screenshot below for a representation of this enhancement. PowerBroker Auditor Web UIUser preferences – Users now have over a dozen customizable preferences from colorblind options to column order. This option enables a consistent experience for users. With these enhancements, PowerBroker customers will realize greater efficiency and usability.

Custom Email Alerting Templates

Every customer has their own requirements for notifying stakeholders of changes. Two scenarios where is this especially relevant include:
  • The ability to customize alert emails to match a corporate standard.
  • A single place to go to adjust the notification email address should it need to change.
In version 5.0, PowerBroker Auditing & Security Suite addresses both of these requirements. PowerBroker enables administrators to design templates in HTML which allows them to add corporate logos, colors, hyperlinks, bolding and a variety of other formatting needs. Additionally, admins have the option for simple plain text email notifications. As well, PowerBroker now enables admins to customize a variety of templates and add desired recipients. If a recipient address needs to change, the admin could leverage find-and-replace capability to find and append, replace, or remove the required recipients. A representation of this functionality is captured in the screenshot below. PowerBroker Auditor Email Alerts These new capabilities help IT teams know who is using the alerts, and how the alerts are being used, providing flexibility around alerting.