AnsweredAssumed Answered

RSA Via privileged entitlement flagging

Question asked by k6AF3wBJZGgO9BFxe1EzBNjgnZZkAaA5jLbHPXWlSnI= on Apr 5, 2016
Latest reply on Apr 6, 2016 by Tim Willemstein

Hello RSA Community,

 

  We are currently trying  to run a privileged entitlement review for users of an application, so that entitlements are flagged as privileged (using a custom attribute) at the lowest level.  The problem we are facing is that entitlements granted at higher levels, app-roles, groups etc. (indirect entitlements) are not being recognized as privileged in our review.  To solve for this, we were looking into a few approaches and were hoping to receive some guidance.

 

     Our first thought, was using a workflow to remediate this.  We were hoping to have this workflow run daily to run a query that will flag groups/app-roles/roles as privileged if they contain a privileged marked entitlement.  The problem with this was, we were unable to figure out how we could trigger this workflow to run daily.  Any insight into this would be appreciated.

 

   Another thought we had, involved creating a dummy application with a dummy xml file.  This would contain all of the privileged users with all of the privileged entitlements from every application.  We were hoping we could somehow run this against other applications in a review to bring back all of the users that were present in both.  These would be the users in our privileged entitlement review.  However this approach is not ideal.

 

  We are also open to suggestions as far as ways to approach this problem.  We are currently running version 6.9.1.

 

  Thanks!

Outcomes