Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Schedule Baseline

Thriller
Regular Contributor
Regular Contributor

Can we schedule to run baseline of applications? Or do we have to go inside Endpoint and run 'Re-Baseline Application' every single time

Prab_0-1725913654834.png

 

4 REPLIES 4

stalluri
Valued Contributor II
Valued Contributor II

@Thriller 
You can't schedule it, but you can create KPIs and find out the issues on the endpoints.

Baseline Application/Re-Baseline Application 

Baseline Application/Re-Baseline Application

Baselining of an application is the process of identifying rogue accounts or accesses, and taking measures for onboarding them accordingly.
Rogue accounts or accesses are created, updated, or managed outside the Saviynt environment, directly in the target application. Recognizing and reviewing these rogue accesses becomes highly important, as they are created on the target application directly and may pose a security risk. Therefore, having a baseline for comparison reduces the overhead of manually searching for out-of-band accesses.

A baselining operation is performed by default for every application that is imported within Saviynt. You can also baseline an application manually by clicking Baseline Application for an endpoint by navigating to Admin > Security System > Endpoints.

Saviynt also provides a Re-Baseline Application option that reviews any incremental changes within the application, due to which there could be a new set of rogue accesses. As the name suggests, re-baselining can be performed for applications that have already been baselined before.
A routine scenario where re-baselining applications becomes paramount is during mergers and acquisitions. In these situations, there could be a huge influx of new accounts and accesses to already baselined applications, and therefore these are marked as ‘rogue’. Re-baselining identifies these new ‘rogue’ accounts or accesses and maps them accordingly.

Video: Enhanced Application Baselining

For re-baselining an already baselined application, click the Re-Baseline Application option for an endpoint by navigating to Admin > Security System > Endpoints.

For re-baselining an already baselined application, perform the following steps:

  1. Go to Admin > Security System > Endpoints and click the Re-Baseline Application option for an endpoint.

  2. Re-Baseline Application provides you with the below retrofitting options:

    1. Do you want to repair Role User Mapping?
      Enabling this option allows you to repair the role-user mappings for the application. For more information on repairing role user mappings, see Repairing Role Mappings.

    2. Do you want to repair Rule User Mapping?
      Enabling this option allows you to repair the rule-user mappings for the application. For more information on repairing rule user mappings, see Repairing Rule-User Mappings.

      The Rule User Mapping option is available only when the Enable rule retrofit (repair rule to user mappings) setting is enabled from Admin > Global Configuration > Rules > Settings. For more information, see Configuring Rules

  3. Enable one of the above options as per your requirement, and click Start.
    The baselining process is initiated.

The role-user and rule user repair options have been included in Re-Baselining to ensure that all entitlements are removed for users when they are no longer part of a role or they do not match the rule conditions. They help in scenarios such as a faulty import interrupting the role to user or rule to user relationships.

The ‘i' icon next to the Baseline Application or Re-Baseline Application option to displays details such as the generated ‘arstaskkey’, the user who initiated the baseline application process, the date, and the number of accounts and entitlements that are baselined. For more information about 'arstaskkey’, see the Accounts Table in the Enterprise Identity Cloud Schema Guide.

EIC also provides an out-of-band access detection functionality that detects and revokes accesses that are assigned by the target system. Based on the baseline or re-baseline results, you can choose the DeprovisionAccess or Deprovision Access and Re-create Access Request option from Action for Out of Band Access Detection for the rogue accounts or accesses found. To know more, see Configuring the detection of out-of-band access for endpoints in the Knowledge Base Articles.


Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.

rushikeshvartak
All-Star
All-Star
  • You need to go under each application and run. 
  • ideally it should be job category ( please raise idea ticket)

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM
Honored Contributor II
Honored Contributor II

Hi @Thriller we had the same requirment earlier ... I couldn't find an ideas regarding..raise one and share we will upvote.

idea already in place https://ideas.saviynt.com/ideas/EIC-I-4666


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.