SecTeer VulnDetect & PatchPro Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Login

    Azure SSO

    Scheduled Pinned Locked Moved Feature and Functionality Requests
    5 Posts 3 Posters 674 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      jak552
      last edited by

      Please add the ability to link at the system level to existing Azure Active Directories to relive the need to manage local accounts. This would also enable organizations to use their existing SSO and MFA workflows.

      For decentralized organizations this is essential for implementation to easily spin up new sites and use existing directories to determine not only authentication but also authorization.

      Ideally a group in Azure would map to a Site in SecTeer. So that managing who can access what sites is done entirely inside of your existing directory using groups. Having a third party app with it's own set of local accounts add security issue that some organizations will not be comfortable with.

      Helpful control's that are maybe easier to implement than Azure SSO would be:
      System administrators should be able to force the setup of MFA for users while we wait for Azure SSO integration.
      System administrators should be able to see which accounts have MFA enabled and which don't.

      T 1 Reply Last reply Reply Quote 0
      • T Offline
        Tom VulnDetect Team Member @jak552
        last edited by

        @jak552 Thank you for the suggestions about SSO and MFA.

        The SSO is sort of on the roadmap, as part of our next larger development tasks.

        We will take the association between groups and sites into consideration, though my impression is that most of our current customers have multiple AD groups per site.

        It sounds like we need to consider how we can be flexible, so one AD could be one site in some cases, and another AD could span multiple sites in other cases.

        Thanks.

        /Tom
        Download the latest SecTeer VulnDetect agent here:
        https://vulndetect.com/dl/secteerSetup.exe

        J 1 Reply Last reply Reply Quote 0
        • J Offline
          jak552 @Tom
          last edited by

          @Tom What about the other mitigations I mentioned between now and getting Azure SSO.

          "Helpful control's that are maybe easier to implement than Azure SSO would be:
          System administrators should be able to force the setup of MFA for users while we wait for Azure SSO integration.
          Without the ability to enforce MFA system administrators should be able to see which accounts have MFA enabled and which don't."

          T 1 Reply Last reply Reply Quote 0
          • T Offline
            Tom VulnDetect Team Member @jak552
            last edited by

            @jak552 We discussed this a few days ago, it sounds like this is viable to implement in a soon to come UI update.
            With some luck before the end of the year.

            /Tom
            Download the latest SecTeer VulnDetect agent here:
            https://vulndetect.com/dl/secteerSetup.exe

            OLLI_SO 1 Reply Last reply Reply Quote 0
            • OLLI_SO Offline
              OLLI_S Community Moderator @Tom
              last edited by

              @Tom At the login page I see the Sign in with Microsoft button:
              4be1b93e-92f1-4965-9775-db45007e9c20-image.png
              Is this the requested feature?
              Or is Azure SSO something different?

              1 Reply Last reply Reply Quote 0
              • T Tom referenced this topic on
              • First post
                Last post
              Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

              Please see our Privacy and Data Processing Policy
              Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
              Forum software by NodeBB