Passwordstate Compliance Reporting

Essential Compliance

Use Passwordstate to help your organization reach NIST, PCI DDS, HIPAA, NERC/CIP and SOX compliance. For an informational checklist on how Passwordstate can help with each of these acts, please click here Request Compliance Checklist

Access Management

Passwordstate has granular role based access, so segregation of access is possible. Read, modify and administrator permissions can be granted to Password Lists and individual Passwords, either to individual users or to members of a Security Group. Security Administrators (who administer the whole system) have 12 different access roles which can be applied.

Compliance reporting

Passwordstate records over 120 different types of audit events, all of which can be reported on when required. You can see a complete list of audit reports here - Compliance Reporting. For a full list of Reports and Audit events, please see 'Available Reports' further down on this page.

Real-time Email Notifications

Passwordstate has 56 different types of real-time email notifications, all of which help keep everybody informed about what's occurring in the system. You can see a complete list of Email Notifications here - Email Notifications.

Password Length and Complexity

As users create and edit passwords records in Passwordstate, they’re provided visual recommendations for how strong the password strength is based on policies set by the Security Administrators.

Tracking and reporting of password resets

Each password within Passwordstate can have an expiry date set, with reporting and email/visual reminders as a result. Automatic Password Rotation is also possible.

Password Reset Recommendations

When a user’s access to passwords is removed, a recommendation email is sent to each of the Password List Administrators recommending they reset the appropriate passwords.

SIEM Integration

In addition to the comprehensive auditing capabilities within Passwordstate, you can also integrate Passwordstate with your SIEM implementation for consolidated event correlation.

Pre-Defined Reports

49 different pre-defined reports are available, which can be run either on demand, scheduled, or execueted via our API. All scheduled reports can be delivered in either HTML or csv file format. Below are each of the reports, for each of the different categories:

User Reports

What passwords can a user see?

What passwords does a user still know?

What has a user been doing lately?

What Failed login attempts have there been?

Who hasn't logged in recently?

Who has one or more Security Administrator roles?

What Remote Sessions has a user been doing lately?

What user accounts are currently disabled?

What user accounts are set to expire?

Which users have logged in using the Emergency Access account?

What user account impersonation has been occurring?

What authentication option is applied for each user?

Password Reports

What passwords have failed Heartbeat?

What passwords have failed Reset?

What passwords require checkout?

What passwords are currently checked out?

What passwords require a Reason to be specified for access?

What passwords are expiring soon?

What passwords have recently been reset?

What password values have been reused?

What passwords have not been used lately?

What Passwords are not being synced?

Show Passwords configured for resets and their dependencies

Passwords Strength Compliance Status

Have I Been Pwned Compromises

Permission Reports

What permissions exist (all users and security groups)?

What permissions exist for a user?

What Permissions exist for a Security Group?

What permissions have changed recently?

What permissions exist for all shared password records (enumerated permissions report)?

What permissions exist for all Host Folders?

Who has been approved access to passwords recently?

Who has been denied access to passwords recently?

How many Administrators are there for each Shared Password List?

How many Administrators are there for each Password Folder?

Activity Reports

Remote Session Launcher Activity

Browser Extension Activity

Mobile Client Actviity

API Activity

Self Destruct Activity

Passive High Availability Module Activity

Miscellaneous Reports

Where are Privileged Account Credentials currently being used?

What security groups exist, and who are their members?

What Host records exist in Passwordstate, and what are each of their configuration items?

Document Reports

What documents have been uploaded into Password Folders?

What documents have been uploaded into Password Lists?

What documents have been uploaded into Password records?

What documents have been uploaded into Host Folders?

What documents have been uploaded into Host records?

Real-time And Scheduled Reports for Auditing Data

There are over 120 different audit events which are logged in Passwordstate, which can be reported against in real-time, or scheduled reports can be created for specific filtered events. Below is a list of the different categories:

All Activities
Access Granted
Access Removed
Access to Password Approved
Access to Password Denied
Access to Password Requested
Access to Password List Approved
Access to Password List Denied
Access to Password List Requested
Access Updated
All Passwords Exported
Auditing Data Archived
Brute Forced Blocked IP Added
Brute Forced Blocked IP Removed
Discovery Job Added
Discovery Job Completed
Discovery Job Deleted
Discovery Job Updated
Discovery Job Permissions Added
Discovery Job Permissions Removed
Document Deleted
Document Updated
Document Uploaded
Document Viewed
Email Sent
Email Template Enabled
Email Template Disabled
Email Template Updated
Emergency Access Event
Encryption Key Rotation
Encryption Keys Exported
Failed API Call
Feature Access Permissions Added
Feature Access Permissions Removed
Host Added
Host Deleted
Host Updated
Logged Off Manually
Logged Off Automatically
Login Attempt Failed
Login Attempt Succeeded
Password Added
Password Checked In
Password Checked Out
Password Copied Between Password Lists
Password Copied to Clipboard
Password Deleted
Password History Exported
Password History Retrieved
Password List Added
Password List Authentication
Password List Deleted
Password List Retrieved
Password List Updated
Password Moved
Password Navigation Tree Updated
Password Restored
Password Retrieved
Password Screen Opened
Password Reset Added to Queue
Password Reset Failed
Password Reset Removed from Queue
Password Reset Successful
Password Reset Script Added
Password Reset Script Deleted
Password Reset Script Updated
Password Reset Task Added
Password Reset Task Deleted
Password Reset Task Updated
Password Updated
Password Validation Failed
Password Validation Script Added
Password Validation Script Deleted
Password Validation Script Updated
Password Validation Successful
Password Viewed
Passwords Exported
Privileged Account Credentials Added
Privileged Account Credentials Deleted
Privileged Account Credentials Permissions Added
Privileged Account Credentials Permissions Removed
Privileged Account Credentials Permissions Updated
Privileged Account Credentials Updated
Privileged Account Credentials Viewed
Remote Session Connection
Remote Session Credential Added
Remote Session Credential Deleted
Remote Session Credential Permissions Added
Remote Session Credential Permissions Removed
Remote Session Credential Permissions Updated
Remote Session Credential Updated
Remote Site Location Added
Remote Site Location Deleted
Remote Site Location Updated
Reporting
Restricted Feature Changed
Security Administrator Added
Security Administrator Removed
Security Administrator Role Updated
Security Group Added
Security Group Updated
Security Group Deleted
Self Destruct Message Read
Self Destruct Message Sent
Session Recording Deleted
Template Access Granted
Template Access Removed
Template Access Updated
Template Added
Template Deleted
Template Updated
User Account Added
User Account Added to Security Group
User Account Disabled
User Account Enabled
User Account Updated
User Account Deleted
User Accounts Exported
User Identity Impersonated
User Removed From Security Group
UserName Copied to Clipboard