June 2016 Release Notes

One-click Reporting that performs Extract, Analysis and Reporting

It is now possible to create a set of Reports from a single screen. The request will initiate a Security Extract, a set of Utilization Extracts, a Security Analysis, and a set of reports. On completion, Access Analyzer will notify you that your reports are ready to review.

All SAP data is now associated with an SAP Instance instead of an SAP Connector

A challenge that we save with the association of SAP data to Agents and Connectors was that if the Agent host was changed or the Connector name was changed, the association to SAP would change. Now, it’s possible to have multiple connectors associated with a single SAP instance and the data will always represent the same SAP Environment, regardless of the Connector that was used to get the data. This also allows us to load-balance Agents so it is now possible for there to be multiple Agents and connectors providing access to a single SAP Environment.

Select the SAP Instance once and use that selection for the duration of the session

The GUI has been enhanced to allow a user to select the SAP Instance once and to use that same SAP Instance for all screens that are accessed.

Rules are independent of Rulebooks

The same rule can co-exist in multiple rulebooks. This allows the user to create specialized rulebooks when they want to focus on specific types of risk and use the same rules in a more general Rulebook whilst maintaining the rule owners and mitigating controls.

SSO with Azure Active Directory or Office 365 Directory

If your company uses Azure Active Directory or Office 365, it is now possible to for you to set up SSO integration with Access Analyzer.

Improved Styling for Primary Action Buttons

The red primary buttons caused confusion on the Emergency Access Request approvals. To address this issue and maintain consistency, we changed the color of the Primary Action Button to blue across the entire application.

Generate Electronically-signed Excel reports

If your auditors require a guarantee that the SoD Analyses Report that you have generated has not been tampered with, it is now possible to have Access Analyzer electronically sign the Business Process Conflicts Report. This electronic signature is removed if there are any changes to the file, which is how it can be proved that the file has never been tampered with.

Bulk import mitigating controls along with rulebooks

The Bulk Rulebook Import feature now supports bulk importing Mitigating Controls.

Security Analysis Data is now available for bespoke reporting

Security Analyses are now saved in the form of a SQLite Database. This makes the low level information available for review and it also makes it possible to integrate the analysis into bespoke reporting systems.

Security Analysis Log is now included in the Security Analysis Result for easy troubleshooting

A log is generated as the analysis progresses, which is now available in the analysis result file. It allows you to check exactly what happened in the analysis and will include details like: excluded users, roles, and overflow profiles.

Full Details of Mitigating Controls are now included in all reports

The mitigating control details will now be available in the User Conflict Matrix and Business Process Conflict screen for conflict hits.

SAP User full names are now available in reports

Last name and First name from the V_USERNAME table have been added to reports.

Risk Ratings in WhatIf Report

Risk Ratings are now included in the WhatIf Report.

Filter by Business Process Code and Risk Code

It is now possible to filter on Business Process Code and Risk Code when selecting the conflicts to include in a report.

Usability improvements to the User and Role selection screens

The User and Role selection screens now have an improved layout and the search capability has been enhanced to make finding the User or Role much easier.

Menu has new items and some existing items have been reorganized

With addition of the new One-Click Reporting feature, the extracts, analysis, and reports will be created all together from the same screen. If you prefer to schedule an extract, analysis, or report separately, those functions can now be found under the Advanced menu. You will also notice the new menu options to Edit Rules independently and the new Single Sign-On Settings.

Rulebook Change tracking

It is now possible for us to see who changed anything around a rulebook, when it was created and when it was changed.

Performance improvement in the SAP Security Extract

The Security Extract will now run around 50% faster.

Performance improvements to the Rulebook Editor Screens

The Rulebook, Rule, and Business Function screens have been updated for improved performance.

Improved Job Queueing mechanism allows unlimited scaling of job servers

Job Servers now pull Job Requests from a dedicated queue which ensures that a single job request will be serviced by a single job server and allows any number of Job Servers to be set up.

Client Accounts can be locked to prevent changes in support of legal actions

To support consulting firms that are using our product, it is now possible to mark an account as locked. In the locked state, it is not possible to delete Extracts, Analyses, or Reports that have been created. The feature is intended to support cases where a company is legally obligated to retain all files.

EAM Utilization Overview Report now includes critical program activity triggered by elevated user

EAM users will now be able to perform program monitoring in addition to existing transaction monitoring. This is useful for monitoring user activity on some crucial programs like RSABAPProgram.

Report Column Changes