Improved SoD Results Accuracy
2024-1-29 21:6:31 Author: securityboulevard.com(查看原文) 阅读量:6 收藏

Use enhanced AND/OR logic to exclude false positives for given rules and reduce the total number of violations that need to be remediated each period.

False positives (you can read more about the details of false positives here) occur when your system wrongly identifies an activity or event as an SoD violation; in reality, it isn’t. These false alarms can lead to various problems, including wasted time and resources spent investigating non-issues and unnecessary disruptions to business operations.

False positives can be a significant challenge in any security or compliance system, and in the context of ERP environments, they can create unnecessary work for your organization. An SoD solution should offer sophisticated filtering options, allowing your organization to categorize and prioritize violations. This way, high-risk violations receive immediate attention, while less critical ones can be reviewed later, reducing the workload associated with false positives.

SafePaaS customers can now take advantage of enhanced rules logic allowing for the effective removal of false positives thus reducing the time needed to remediate violations. 

You can now select an “AND” condition as well as an “OR” condition which can be applied to a “Group” of entries.  For example, you can use this new feature to exclude false positives in Oracle Cloud ERP where a user has been granted the Manage Purchase Orders privilege but is not authorized as a Procurement Agent under the Supplier Definition. 


文章来源: https://securityboulevard.com/2024/01/improved-sod-results-accuracy/
如有侵权请联系:admin#unsafe.sh