Search Results

Definition That is the first step of the workflow. At that step, you could define the fields you want to show when the end users. In that case, the request will be launched automatically when the end users request to use a privileged account to connect to a p...

Description BPM is a technology that allows modeling, implementing, and executing processes automatically to enhance efficiency and productivity in support of enterprise goals. Soffid includes a BMP (Business Process Management) in its Smart Engine to provid...

Description Soffid provides a protected storage, to save and manage accounts for multiple applications, that is the Password vault. Here you can save the accounts and passwords to access to critical systems and to your applications as well. Password vault all...

Upgrade  To upgrade PAM you will need to run two scripts, one for the store and the other for the launcher. Upgrade store To upgrade the storage container you can download and execute the following script: upgrade-store.sh ~/Downloads$ bash ./upgrade-store...

Description Soffid includes a BMP (Business Process Management) in its Smart Engine to provide useful workflows integrated with the processes and the policies of the Soffid core.  In order to add extra functionality to the console, you can upload different b...

Description Allows massive operations to be performed on the selected records. With that operation, updates can be made to any of the object parameters. You can access this option through the hamburger icon from a few of the components of the table type, lik...

Description An account is the way an user is presented on a target system.  There can be user accounts as well as system-purpose accounts. An account belongs to a system and that account can have specific permissions assigned to it. An account must have defi...

Description The segregation of duties (SoD) is a fundamental element of internal controls, defined to prevent error and fraud. Segregation of duties ensure that at least two individuals are responsible for the separate parts of any task. For each user, the r...

Title Necessary checks were not applied to some Java objects. Affected Product Code Base Soffid Console - 3.5.38 Descripition Recently the Soffid IAM team detected and corrected a vulnerability that had been detected in the product's Console. This vulnera...

Title Untrusted Java serialization in Soffid IAM console. Affected Product Code Base Soffid Console - 1.7.5 Descripition Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via...

Introduction Here we will try to explain some user cases about different types of process to know how that processes work. That processes will be a basic user cases, but you will be able to define process as much complex as your business needs. For more info...

Description The user is the core object of the system. In Soffid, a user means an identity (usually a person). Every user can have a number of accounts spread on different information systems. In traditional system management, one can assign roles and permis...

Description Soffid provides a monitoring functionality to consult all the information of the different agents and the status of each one of them and the amount of tasks assigned. Consequently, it allows diagnosing possible incidents in a quick and easy way. ...

Description Information systems are the systems that Soffid will protect granting and revoking roles. Each role and entry point is bound to an information system. The information system can be created hierarchically. These information systems are managed in ...

Note that Soffid supports different scripting languages, you can configure it in the Smart engine settings screen. Additionally, in the initial configuration of the container, we can configure the SOFFID_TRUSTED_SCRIPTS environment variable to allow the use...

Definition Password domain Is a logical way of grouping managed systems that are sharing the same password for each account. If the administrator chooses to have the same password for every system, only one password domain should exist. If the administrator ...

Introduction The TLS protection of Soffid IAM Console is applied through the configuration of the Apache TomEE embedded in the installation. This solution is running under java technology therefore we need a jks file (Java Key Store) or a PKCS#12 file with t...

Description The audit trail page allows you to query for audit records. Each action done at the Soffid console will be reported. Here you have a list of common Advanced searches, you only have to copy, paste and search, e.g. // User changes trace calendar ...

Description The access log page allows querying all the information about the opened sessions.  Note that any session that was active during the specified date will be shown, even when it started before of finished after that date. Screen overview Cust...

What is Soffid Break glass? It refers to a mechanism that allows users to gain emergency access to critical systems or information under exceptional circumstances when normal access procedures are not viable.  Break glass is a crucial component of security a...