Identity Analytics

RadiantOne Identity Analytics comes with a dedicated web experience called IAP (Identity Analytics Platform).

It comes with a series of off-the-shelf analytics/reports/controls/… to provide more value to the end-users.

IAP is also in an active development phase at RadiantLogic, thus by deploying IAP, not only the end user will benefit from a lot of off-the-shelf value, but he will also benefit of regular updates/improvements.

IAP has been built with a set of general principles in mind, please find them below:

• FAST – results within 5 seconds, metadata powered,
• EFFICIENT – all answers 3 clicks away,
• CONSISTENT – same navigation & presentation logic,
• SIMPLE – yet POWERFUL intuitive UX, rich analytics,
• RICH all – concepts are leveraged, details are accessible when needed,
• TEMPORAL – all UI include temporal analysis,
• SECURITY BY DESIGN – you cannot see more than what is needed based on your management responsibilities,
• EXTENSIBLE – easy to extend through ‘Tags’.

version 3.1

Fix of display issues in the “web based” review:

• When a review campaign takes place over several timeslots, and reviewed or to-be-reviewed entries are deleted from the dataset in the meantime because they no longer exist, this service pack fixes the counters displayed in the reviewer interface and in the review tracking interface for the campaign owner.
• It also corrects the display of KPIs and entries to review in the configuration wizard when the perimeter is filtered by tags on permissions.

version 3.0

Update of the “web based” user access review with a new configuration wizard that allows to:

• Create new review campaigns and set a campaign owner,
• Configure the scheduling of the campaign,
• Set the notification and reminders of the campaign,as well as the related email templates,
• Configure the reviewer interfaces for the campaign,
• Define a review perimeter using tags,
• In SaaS mode, enable AIDA for Application Rights Review only, the AI Data Assistant that helps reviewers performing their review.

A new connector that handles remediation from IDA to IDDM is now available, to directly apply account deactivation and account removal from group after a review.

In addition, CMDB data can now be imported into Identity Analytics by using the dedicated ServiceNow and CMDB connectors. CMDB elements can be automatically correlated with the existing Applications, Repositories, Servers and Shares to better understand who can access to a Service or a CMDB element. New analytics and dashboards are now available as well to provide insights around CMDB CI components with:

• A new CMDB element search menu,
• New CMDB element detail pages,
• A series of new CMDB element analytics.

version 2.2

Update of the “web based” user access review with the extension to all reviews of explicit validation by the reviewer (“sign-off”)and automatic update of remediation status:

• Safe Permissions Review,
• Repository Accounts Review,
• Groups Direct Membership Review.

version 2.1

Improvement of the “web based” user access review:

• Add of a new group membership review,
• For the Application Rights Review only, addition of explicit validation by the reviewer with the “sign-off” action,
• Once entries have been signed off by the reviewer, they can be switched to “Remediation Pending” status automatically or manually (action “proceed now” by the review campaign owner), even if the review campaign has not been finalized,
• The automatic status change is carried out by a batch run daily, and is configured in the technical configuration (activation and delay in days).

New group glossary management dashboard available from repository analytics reports to mass update group description and group sensitivity level.

Ability to hide Role Mining and PAM Booster dashboards and menuitems if there are not required by updating the technical configuration of the project.

Improvement of the risk ranking.

version 2.0

All User Access Review reviewer interfaces have been re-designed to provide a smoother and more efficient experience to the reviewers:

• Responsive design of the interface,
• New and enhanced filtering capabilities,
• A progress bar is now displayed at the top of the tables,
• A new option to freeze columns,
• Unified display of pending or in progress web-based (IAP) and custom (workflow) reviews in Access360,
• Offline mode added to Access360 to make reviewers autonomous.

Enhanced user experience for review owners:

• Owner escalation management of review campaigns,
• New “Reviewer” resource owner type in addition to “Business Owner” and “Technical Owner” to facilitate reviewer identification.

PAM Booster is now embedded by default in IAP including the CyberArk Safes User Access Review feature.

Consideration of new license levels Observability, Governance, Compliance.

Multiple bugfixes (see release note).

version 1.8

RoleMining module is now embedded by default in IAP

Multiple bugfixes (see release note)

version 1.7

Control browser to access all the control results and to launch ad-hoc remediation

New technical administrator home page with KPIs and shortcuts

New Modern look&feel

New mashup dashboards for admins and resource owners

New access review compliance dashboards at an application level and at a repository level

Perimeter based search pages are now accessible to resource owners

New controls: permissions without description, folders without description, High sensitivity group with new accounts,
extreme sensitive group with new accounts, several accounts with the same identity at a repository level,
several accounts with the same identity at an application level, inactive account and owner left the company 2 years ago,
AD/azure account created more than 7 days after identity arrival, identity manages themselves, contractor leaves within 30 days,
identities with the same name, identities with the same mail, identity with multiple accounts within a repository,
identity with multiple accounts within an application

Improve reconciliation management with bulk operations

Delegation is now available as a Tab in access360

Auditor role can now connect and access the access review manager and the remediation manager in read-only mode

Controls scope attribute is now filled with the control target (account, right, …)

Hyperlinks in KPIs in access review management and remediation management

version 1.6

Remediation enhancement with native support of Jira and emailing for RPA

Out of the box project dashboards

Access review: default comments are proposed when revoking an entry

Access review: can review an entry with an updated status (change requested)

Access review: can now declare that you are not the reviewer for some entries

Access review: can see new delegated review entries

Access review: can launch self-review campaigns

Access review: Pause/continue campaigns

version 1.5

Remediation enhancement with native support of ServiceNow

version 1.4

Review enhancement with ability to set up account reviews and access rights reviews

Improved SoD analytics

New mining analytics reports accessible from search menus

Report subscription functionality officially supported

Functionality to integrate mashup dashboard reports as files within the project

version 1.3

New feature allowing to subscribe to application reports to receive key information on a regular basis by email.

Updates to the internal management of metadata and performance enhancements.

version 1.2

New user access review feature based on permissions and remediation feature.

version 1.1

New feature to add tags, discretely or in bulk, on all resources available via the search pages.

Possibility to define a sensitivity level to all entities. It can automatically be propagated to accounts and identities.

Integrated support of the “Booster for Active Directory”.

version 1.0

Initial version