PAM360 Dashboards
PAM360 offers a comprehensive suite of interactive dashboards that streamline the privileged access management (PAM) process for enterprises. The dashboard feature in PAM360 provides a perspective on crucial aspects of privileged account management within an organization. From monitoring password health to addressing policy breaches, it facilitates the implementation of robust security measures based on actionable insights.
Out-of-the-box, PAM360 benefits organizations with Real-time Insight - to gain immediate visibility into security configurations and privileged access activities across your infrastructure and Risk Mitigation - to utilize instant remediation controls to promptly address and mitigate identified risky behavior.
The dashboards available in PAM360 are:
These interactive dashboards enhance PAM processes by offering dynamic monitoring and swift response capabilities, ensuring robust security management across the enterprise.
1. Password Dashboard
The Password Dashboard serves as a centralized platform for monitoring password-related activities within the PAM360 environment, providing administrators with comprehensive insights into password usage, compliance status, and security vulnerabilities.
- Total Passwords - This section provides administrators with an overview of the total number of passwords stored across all privileged resources within the PAM360 environment. By clicking these numbers, administrators can access detailed information about the hierarchy of passwords, including their associated resources and permissions, enabling efficient management and auditing of password assets.
- Expired Passwords and Policy Violations - Administrators can identify and address security risks associated with expired passwords and policy violations through this section. By highlighting the total number of expired passwords and passwords violating standard policies, administrators can prioritize password updates and enforce password management best practices to enhance overall security posture.
- Conflicting Passwords - This section alerts administrators about potential synchronization issues between local and PAM360 environments, where passwords may differ across resources. By identifying resources with conflicting passwords, administrators can take proactive measures to reconcile discrepancies and ensure consistency in password management practices, reducing the risk of unauthorized access and data breaches.
- Password Distribution - Administrators can gain valuable insights into password distribution patterns across different resource types through this section. A pie chart visualizes the distribution of passwords, enabling administrators to identify resource types with a high concentration of passwords to implement targeted security measures to protect critical assets and sensitive information.
- Favorites and Recent - This section provides administrators quick access to the recently accessed passwords and favorites marked in the Resources tab. By listing recently accessed passwords and favorites, administrators can streamline password management tasks, facilitating efficient retrieval and management of frequently used passwords.
- Resource Audit - Live Feed: Administrators can stay informed about the real-time resource, account, and password-related activities through this live feed section. By configuring activity preferences and refresh intervals, administrators can monitor password-related events as they occur, enabling timely detection and response to security incidents and policy violations.
- Active Privileged Sessions - This section displays a list of active privileged sessions, allowing administrators to monitor user sessions and detect suspicious behavior in real-time. By identifying and investigating active privileged sessions, administrators can mitigate security risks, prevent unauthorized access, and enforce compliance with security policies and regulatory requirements.
2. User Dashboard
The User Dashboard offers administrators a comprehensive overview of user activities within the PAM360 environment, providing valuable insights into user behavior, role distribution, session management, and audit trail monitoring.
- User Activity - This section presents administrators with a detailed summary of all user activities over a configurable period, including successful logins, logouts, failed login attempts, and unauthorized access events. By analyzing user activity trends, administrators can identify anomalies, detect security incidents, and enforce access control policies to prevent unauthorized access and data breaches.
- Role Distribution - Administrators can visualize the distribution of users across default and custom roles through this section. A pie chart displays the proportion of users assigned to each role, enabling administrators to assess role-based access controls, manage user privileges, and ensure compliance with least privilege principles and regulatory requirements.
- Active User Sessions - This section provides administrators with a comprehensive list of all active user sessions within the PAM360 environment, along with detailed session information such as user details, session status, and login timestamps.
- User Audit - Live Feed - Administrators can stay informed about real-time user activities through this live feed section. By configuring activity preferences and refresh intervals, administrators can monitor user-related events as they occur, enabling timely detection and response to security incidents, policy violations, and compliance breaches.
- Most Active Users - This section charts the most active users based on resource access within the PAM360 environment. By identifying and analyzing user activity patterns, administrators can detect abnormal behavior and investigate potential security threats or policy violations to maintain the integrity and security of the IT infrastructure.
3. Keys Dasboard
The Keys Dashboard serves as a centralized hub for monitoring and managing cryptographic keys and digital certificates, providing administrators with valuable insights into keys and certificate-related activities essential for maintaining the security and integrity of the IT infrastructure.
- SHA-1 Certificates - This section presents a comprehensive list of all certificates still using the SHA-1 hashing algorithm, allowing administrators to identify and prioritize the migration of these certificates to more secure hashing algorithms like SHA-256 to mitigate the risk of cryptographic weaknesses and potential vulnerabilities.
- 1024 bit and Smaller Keys - Identifies cryptographic keys with insufficient length, such as RSA and other key algorithms smaller than 1024 bits, which are vulnerable to brute-force attacks and cryptographic exploits. Administrators can proactively replace these weak keys with stronger and more secure key lengths to enhance the overall security posture of the organization.
- Last Rotation Failed - Indicates instances where key rotation processes have failed, potentially leaving cryptographic keys unchanged beyond their intended rotation schedule. Administrators can investigate the root cause of these failed rotation attempts and take corrective actions to ensure timely and secure rotation of cryptographic keys to prevent security incidents or compliance violations.
- Keys Not Rotated in Last 30 Days - Highlights cryptographic keys that have not been rotated within the last 30 days, signaling potential lapses in key management practices and increasing the risk of unauthorized access or data breaches. Administrators can prioritize the rotation of these keys to maintain compliance with security policies and regulatory requirements while minimizing exposure to security threats.
- Certificate Authority - Provides detailed information about the number of certificates signed by the certificate authorities (CAs) responsible for issuing and managing digital certificates within the organization's trusted infrastructure.
- Certificate Expiry - Displays real-time information about certificate expiration dates, allowing administrators to proactively monitor and manage certificate life cycles to prevent service disruptions and security incidents caused by expired certificates. Administrators can schedule certificate renewals or replacements before expiration to maintain the trustworthiness of digital identities.
- License Details - Provides comprehensive insights into the licensing model with the total number of accommodated SSL certificates, SSH keys, PGP keys, and Key stores with details.
- Vulnerabilities - Identifies potential vulnerabilities and security weaknesses associated with cryptographic keys and digital certificates, such as weak cipher suites, poodle SSL, revoked SSL, etc. Administrators can leverage vulnerability assessments and security scans to identify and remediate security risks, ensuring the confidentiality, integrity, and availability of cryptographic assets across the organization's IT infrastructure.
- SSH Key Summary - Summarizes essential information about SSH (Secure Shell) keys used for secure remote access and authentication, including the total number of keys, unused keys, unique keys, etc. Administrators can review SSH key deployments and monitor key usage patterns to prevent unauthorized access and mitigate the risk of SSH-based attacks targeting critical systems and sensitive data.
- Operation Audit - Offers detailed insights into key and certificate-related operations, including key/SSL generation, distribution, rotation, and revocation events. Administrators can track all the lifecycle events, audit trail modifications, and analyze historical management activities to ensure compliance with security policies, regulatory requirements, and industry best practices governing cryptographic usage and protection.
4. Securtiy Dasboard
The Security Dashboard is a comprehensive tool-set that empowers administrators with real-time insights into crucial security-related activities within the PAM360 environment, ensuring robust protection against potential threats and vulnerabilities.
Refer to this help document to know more about the Security Dashboard and its configuration in detail.