Overview
This add-on allows to extract CyberArk data using web service JSON/REST API and to collect and consolidate all information into Brainwave GRC Identity Ledger.
The following elements are extracted and consolidated into the Brainwave GRC database:
- CyberArk users
- CyberArk groups
- CyberArk Vault
- CyberArk Safes
- CyberArk Safes contents
- Access rights details to Vault and Safes
This add-on provides an overview on CyberArk access rights: who can do what on which safe, and by extension on which resources, who can manage the Vault with which authorization.
It collects accounts and groups available in CyberArk and the mapping with any LDAP or AD referential.
One silo is provided: “cyberark_scim.silo”. It allows to upload and consolidate into the Identity Ledger information about Vault, Safes, users, groups, safes contents and the related access rights details.
Data extraction requires the CyberArk SCIM server to be installed, up and running. If this is not possible, you have the possibility to use instead of this add-on the light extraction version available in add-on bw_cyberark.
This light version uses CyberArk EVD command lines to extract data. Note that in that last case you will have no visibility on the CyberArk Safes contents.
Revision History
version 1.0
Now compatible with Identity Analytics Services from Braille version
version 0.9
Initial version: data extraction
| File | Version | Minimum Product Version | Download |
|---|---|---|---|
| bw_scim_cyberark_0.9.9913.facet | 0.9.9913 | Ader R1 (2019-11-27) | Login to Download |
