"Privileged access management (PAM) is an identity security solution that helps protect organizations against cyberthreats by monitoring, detecting, and preventing unauthorized privileged access to critical resources." - Microsoft
I led the extraction of the PAM inventory for a large organization. This was in a BA/DA role whilst also completing BAU tasks in the Security Operations Centre.
Leading the extraction of privileged users, we had 3 domains we were interested in: Windows On-Prem AD, Entra, and Linux, each with its own blockers, techniques and processes for extracting the data needed for our PAM implementation.
PowerShell was the primary method of extraction when it came to both Windows On-Prem AD and Entra, with scripts created to extract and output data into Excel sheets, which were then used to improve the next iterations of the scripts. Scripts were stored in a GitLab repository so that others and I were able to collaborate and improve them. Through the use of GitLab, I also created a README.md file that explained the different aspects of the final scripts and the required columns in the final output for both Windows On-Prem AD and Entra.
Linux had a major blocker that was put on the back burner whilst we prioritized On-Prem and Entra, as these were set as priorities due to the sensitive nature of the privileged users.
Once the extraction phase of the project was completed and we had a near-finalized version of the privileged users in the organization, I changed from a DA role to a BA role, where I focused on the completion of the inventory by creating user surveys and talking to various product owners and other stakeholders about the specific gaps we were missing. In order to assist in better communicating what we wanted from the various stakeholders, I created diagrams to showcase in workshops, which greatly increased productivity.