BeyondTrust Endpoint Privilege Management

What is BeyondTrust Endpoint Privilege Management? #

BeyondTrust Endpoint Privilege Management elevates privileges as needed to known, trusted applications, controls application usage, and logs and reports on privileged activities. BeyondTrust Endpoint Privilege Management implements zero trust endpoint security controls.

Why Should You Use the BeyondTrust Endpoint Privilege Management Connector? #

The BeyondTrust Endpoint Privilege Management connector provides visibility into the assets managed by BeyondTrust Endpoint Privilege Management. You can use this visibility to:

  • ensure assets are managed per your security policies

  • monitor each endpoint and its status

  • associate users with assets and data

  • monitor user access to assets and data

How Does This Connector Work? #

Lucidum executes read-only requests to the BeyondTrust Endpoint Privilege Management REST API and ingests only meta-data about devices and users. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum #

Field

Description

Example

URL

URL for the BeyondTrust Endpoint Privilege Management API

https://example-services.pm.beyondtrustcloud.com/

Client ID

User name for a BeyondTrust Endpoint Privilege Management account with read access for all devices.

e52a9aa6fc0508ddf3a40601a736b230a1bebcd1

Client Secret

The password for the BeyondTrust Endpoint Privilege Management account.

BU5u0fVEb1qEWuHdBK9AR6q9+O1CB26squ1susfJ0LsK

Source Documentation #

Creating Credentials #

To generate the Client ID and Client Secret:

  1. Log in to the Privilege Management Console.

  2. Follow the steps in:

    https://www.beyondtrust.com/docs/privilege-management/console/pm-cloud/configuration/configure-api-settings.htm

  3. Assign all the read-only permissions to the Client ID.

Required Permissions #

Product Area

Permissions

Audit

Read Only

Management

Read Only

Reporting

Read Only

SCIM

Read Only

API Documentation #

https://www.beyondtrust.com/docs/privilege-management/console/pm-cloud/api/index.htm

Specifically: