Overview
This add-on allows to extract and upload data into the Identity Ledger from a CyberArk PAM instance using the CyberArk tools EVD (Export Vault Data) and the JSON/REST API available from PVWA.
The following elements are extracted and consolidated into the Brainwave GRC data cube:
- CyberArk Users
- CyberArk Groups
- CyberArk Vault
- CyberArk Safes
- CyberArk Credentials
- Access rights details to Vaults and Safes
This add-on provides an overview on CyberArk access rights: who can do what on which safe, who can administrate the Vault, who has access to which credentials.
It correlates accounts and groups available in CyberArk with any LDAP or AD referential and with identities information coming from HR data sources.
Combined with IAS2.0 or upper, this allows to automate User Access Review and the security and quality controls regarding access to CyberArk Vaults and Safes. It will provide also analytics and out-of-the-box dashboards and reports to keep a better control on the access chain to CyberArk.
Revision History
version 1.0
Initial version
File | Version | Minimum Product Version | Download |
---|