Search Results

Launcher Soffid allows you to check the status of the launcher by browsing an URL: Request https://<your-host>/launch/status For instance: http://demolab.soffid.pat.lab:8082/launch/status Response { "sessions":0, "status":"ok" } status → “ok” t...

Introduction The purpose of this document is to provide the instructions to implement PAM using the Soffid console. This is a step-by-step implementation guide.  Soffid is an information security product that provides a web console to manage privileged accou...

Introduction Once the discovery process has been run, the critical accounts have been detected and saved on the password vault, and the password rotation process has been defined, the next step would be to define the necessary approval process to manage the u...

Step-by-step 1. To define and configure an approval workflow, you can use the Soffid BPM editor. You must access the BPM editor page in the following path: Main Menu > Administration > Configure Soffid > Workflow settings > BPM editor 2. To add a new workfl...

Step-by-step 1. To configure the XACML PEP  You must access the "XACML PEP configuration" page in the following path: Main Menu > Administration > Configure Soffid > Security settings > XACML PEP configuration 2. At the "XACML PEP configuration page you mus...

Introduction Using PAM you can configure policies and rules in the Soffid console to detect actions or behaviors that may put your organization at risk. With this information, you will be able to analyze the behavior of the critical accounts that you have def...

Step-by-step 1. To create a new PAM Rule, you must access the PAM Rules page in the following path: Main Menu > Administration > Configure Soffid > Security settings > PAM rules 2. To add a new PAM rule, you must click the add button (+) and Soffid will di...

Introduction Once the Jump servers have been installed, following the steps defined on the PAM Jump Server installation page, it will be mandatory to configure the jump servers on the Soffid Console, to do that you can visit the Configure PAM session servers ...

Why PAM? Privileged Account Management (from this point forward: PAM), allows you to manage accounts that are necessary to perform scheduled configuration and maintenance tasks, as well as supervening tasks such as the recovery of a hardware or software failu...

How works on-screen Keyboard

Definition Soffid provides the functionality that allows you to configure the Jump servers. That option is located on Main Menu > Administration > Configure Soffid > Security settings > Configure PAM session servers To configure that functionality is mandat...

Introduction We can establish a connection to the target system using the RDP remote access protocol. You can use a remote desktop client. How to connect  You can establish the connection with the ssh gateway using a desktop client and then Soffid will ask ...

Introduction PAM is the process that determines who has access to what types of information as it creates an integrated view of risk, threats, and controls. Implementing a policy of least privilege minimizes unnecessary privilege allocation to ensure access ...

Description Soffid allows you to configure some backup parameters. Go to In the "User backup configure & restore" page, in the hamburger button click the option "Configure backup". Screen overview Custom attributes Minimum delay between backups Numbe...

The purpose of this tutorial is to show how to initialize a database MariaDB required for Soffid IAM installation using Docker. Prerequisites 1. Install docker ( https://docs.docker.com/install/ ) 2. Create a docker network, that network allows you to conne...

Description Soffid allows you to define new campaigns to review the users' access rights and to assign who has to recertify or revoke their entitlements. You can create a campaign related to a previously defined recertification policy. Depending on the polic...

Description A high level profile can contain or grant application permissions. On the other side, application permissions can contain or grant low level permissions. All of them are referred to generally as roles. Some users could have been granted both high...

Description Probably there are some users that do not need access to any information system. Using this tool you will be able to identify them and act upon them. The process is a two step process: Filter out the universe of users to analyze. Select the a...