When we do Weekly Recons for access that has been granted with NO ARS request, we do lots of manual analysis outside of Saviynt. We compare last weeks files to this weeks files and it is complicated. Is there a way inside of Saviynt to show us all the users that have access to an application that DO NOT have an ARS submitted?
We have to look at all users with ARS request and then look at the FULL Entitlements dump from saviynt. Then have to do a compare outside of the system to see who has access from a disconnected system with NO ARS request submitted...
Anyone have any thoughts? We would love to do analytics in Saviynt and not do an ADHOC process outside of the IAM platform?
Just looking for any users that gained access to an application and have NOT submitted an Access Request 🙂
Solved! Go to Solution.
What is the version of SSM you are using?
With 5.5SP2 release we have introduced application baseline feature which would take care of your issue i.e. it would assign dummy task id for all accounts as part of baselining. refer config "Baseline Application/Re-Baseline Application " under endpoints details page.
Secondly we have a config on endpoint details page called " Action for Out of Band Access Detection " and below is the link for documentation.