Excel Exports Everywhere! Permission Assist® 4.6 Released

We’ve been working hard to add features and enhancements that will help you continue shrinking your permission reviews.

Here are a few highlights in the Permission Assist 4.6 release…

Excel Exports – If you’ve ever wanted to export all identities, applications, privileges, conflicts, or even the current summary of a review (including all counts of pending, approved, and remediated items) – now you can! Simply click the Export button and you can view, sort, and Excel in whatever way makes you happiest all day long. Export To Excel

Import Data, Trending, and DiagnosticsOne question our clients get asked more frequently during an audit is, “How do you know the information in Permission Assist is the same as the information in your application?” Another question clients often ask is, “From a security perspective, how do I know if new privileges have been added?”

We’ve made getting the answers to these questions even easier with improved import data and diagnostics. Now, you can quickly see a summarized list of each import along with the date, the number of users and the overall percentage of change when the import took place.

With more detailed views, you can clearly see new users, new privileges, and an overall percentage of change after each import.

Permission Assist tracks these changes with each new import so that, over time, you’ll start to see trends. If an import results in changes that go outside of that trend, you’ll know immediately.

In the event an error occurs during an import, the new Import Log allows you to see what happened so the issue can be corrected.

Need help solving the problem? We’ve made it even easier! Just follow the step-by-step instructions to create an encrypted diagnostic file (basically just click a button) and send it to our support team using our secure support portal. You’re support issues are our top priority so we’ll get on it as soon as possible!

Set ‘On Behalf Of’ Reviewers for Supervisors – If you have supervisors who don’t typically review the permissions of their direct reports or who may be out of the office during a review, the new ‘On Behalf Of’ feature allows you to either temporarily or permanently shift review responsibilities to another person.

On Behalf Of

Audit Multiple Active Directory Applications – Do you have multiple banks or other entities in your Active Directory application? If so, you now have the ability to set up multiple Active Directory applications allowing you to audit each individually.

We have gotten a lot of great feedback on these enhancements and we appreciate it! More great enhancements are planned for 4.7 and we couldn’t be more excited. Thank you to all of you who helped in this release!

Review Enhancements – Permission Assist™ 4.5 Released

As we march towards v5.0, we’ve continued to make serious investments in architecture and testing; ensuring the future releases on our roadmap are going to be great!

Permission Assist™ 4.5 has been a significant release for us to continue delivering the promise of shrinking your permission reviews.  Here are a few highlights of the new features introduced…


Optional Security Team Reviews – Security team members can now be considered optional for a review.  If a review item does not have any reviewers (that is, has no application managers nor supervisor) then responsibility falls back on a security team member.  This is great for reviews where you only want an application manager to review a single specific application.


Reviewing Supervisor Reassignments– In version 3.5 we gave you the ability to reassign a review item to a different identity.  We’ve had a number of different requests to enhance this functionality in a number of ways.  As a result, now you have two new abilities: reassigning the reviewing supervisor and unassigned review items.

Common situations that lead up to supervisor reassignments: (1) the supervisor has left the company, and (2) the supervisor duties fall on an employee that does not participate in security audits such as C-level executives.  With the ability to reassign temporarily or permanently no “work-arounds” are now needed.  Unassigning the supervisor is a choice as well, and reviews that require supervisors will simply show it as not applicable.




Automatic Entitlement Roles – We’ve made building roles lightening fast in every sense of the word with better entitlement role building.

Simply select either an employee, directory group, or employee title.  Using statistics the system will automatically suggest which applications and privileges should be used to review against.  This is a HUGE time saver when asking the question “What privileges does this group of people have in common?”, or when attempting to build a role that encompasses the entitlements of a particular person…one click and you’re done!  Your role will match all the identities based on your criteria, include the applications they have in common, and select the recommended privileges for you.




The software development team is very happy to finally deliver you this release as we can now focus on the “big picture” yet again.  Thank you to all of our clients who helped in this release!

Permission Assist – Bank Integrations for Summer 2018

It’s a pleasure of ours to continue building the highest priority integrations our clients need.  We know they are helping you save tons of time and helping to avoid errors in reporting.  We’ve got a lot of changes coming for even more helpful plugin configuration, but until then here are the latest built specifically for the financial industry:

If we don’t have it, you only need to ask – if we haven’t proven it yet, we can integrate with anything.  Bank identity access audits at lightening speed is what we are shooting for, so eliminate the task of parsing those permission reports!


Risk Ratings – Permission Assist™ 4.4 Released

Permission Assist™ 4.4 is finally here with a much requested new way to rank your application privilege reviews with some enhancements to our permission tracking.

Permission Risk Ratings – You can now track and report your high risk user privileges through our new risk ratings feature.  By applying a criticality rank to your applications and/or permissions a new dimension is added to your reports.  A much requested feature in 2018!



Improved Individual 360 Report – Easier search functionality to find individuals who were in a particular review, application, permission risk rating(s), or a combination of all.  Create custom reports that have these filters applied to display just the information you are interested in.



Application Permission Report – Report on all the permissions within an application including their permission risk rating and overall usage.  Find and filter custom reports based on a particular review, permission risk rating(s), or a combination of both.




The 4.4 release took a lot of time, attention, and testing due to the finer details to support risk ratings; however, now that it’s in the books we have our eyes set on 4.5!  Thank you to all of our clients who participated in this release!

Salesforce is here!

It has been a long awaited integration, but the Salesforce plugin is finally here!

Doing this integration had a lot of challenges – one of which forced us to evolve our plugins to allow custom configurations.  However, we persevered for all the clients that have been asking for this very important integration as we continue to strive to make user access reviews as simple as possible.



Enhanced Core Functionality – Permission Assist™ 4.3 Released

Permission Assist™ 4.3 has officially been locked in stone, and getting your bank through identity access reviews has gotten even better with some new enhancements to our core functionality.

Selective Application Reviews – Review builders can now easily create reviews that only have a selected subset of applications. This allows the security team to have a lot more control around creating reviews with specific goals and/or the freedom to review certain applications at different frequencies throughout the year.

New Review Item Alerts – Sometimes events occur that may cause a shift in new responsibilities such as a supervisor changing.  Email alerts can now be configured to be sent out when a user has unexpected new tasks.

Better “Inactive User” Visibility – Throughout the entire application all views now show disabled/inactive user names in red text.  It is our hope that this will help you [wherever you are in the application] discover inactive identities.



The official release of 4.3 has been a long time coming, but we look towards the future and 4.4…here we come!

Cold Winter – Hot Integrations

The winter in Fargo has been bitter this year. Bad news for us, good news for you.

Because we’ve had to stay indoors to survive, we’ve had just that more time to build new application integrations!  As you can see, we are starting to see more B2B integrations which is great because it just isn’t your financial cores that take time to review. Here are the latest built specifically for the financial industry:


You keep asking – we keep delivering.  Bank permission reviews don’t need to include the task of gathering and transforming permission data, let us do it for you!


Principal Technologist Receives GSSP-.NET Certification

Sycorr’s Principal Technologist and Co-founder, Max Pool, has been recognized as successfully earning the GIAC Secure Software Programmer- .NET (GSSP-.NET) Certification.

The GSSP-.NET certification is for individuals responsible for coding secure software applications using .NET, identifying shortfalls in the security knowledge of other programmers, ensuring other programmers have adequate secure coding skills, and advanced secure programming skills. The certification allows candidates to demonstrate mastery of the security knowledge and skills needed to deal with common programming errors that lead to most security problems in 9 core areas:

  • .NET Authentication
  • .NET Authorization
  • .NET Data Validation
  • .NET Encryption
  • .NET Exception handling and logging
  • .NET Framework Security
  • .NET Session Management
  • Common Web and .NET Application Attacks
  • Secure SDLC

GIAC Certified secure software programmers (GSSP) have the knowledge, skills, and abilities to write secure code and recognize security shortcomings in existing code.


Taskboard UX Updates – Permission Assist™ 4.2 Released

Getting your entire organization through employee access reviews just got easier with the release of Permission Assist™ 4.2.

Financial institutions have been loving how quick they can compile review data – serious lift for companies in that area – but needed more help getting their masses of supervisors through the review process.  Distilling the feedback, we made some small (but impactful) changes to the taskboard that should help everyone out.

Application Status Menus – Users can now quickly see which applications they still have to respond to using the improved application menus on the taskboard.  These menus no longer show the overall status of the review, but rather are contextual to the signed-in user.



Simplified Quick Filters – Taskboard quick filters have been consolidated for clarity and ease of use.  The “My Outstanding” filter now allows you to filter by the different organizational roles you may be responsible for, and the “Status” filter allows you to show review items by any combination of available statuses.



Enhanced Privilege Descriptions – Application privileges that have been enhanced with a description now show an icon, that when clicked, displays additional information.  The Microsoft Active Directory privilege reader as been updated to use these description enhancements so while review Active Directory groups you have access to the description that resides in AD.



I’m getting the developers to look forward to 4.3!

Application Integrations Galore!

The freedom dynamic plugins in Version 4.1 of Permission Assist™ has not just helped our customers, but also our development staff to create new application privilege readers outside of feature version releases.

As a result, we can create new application integrations even faster.  Here are the latest built specifically for the financial industry:


We’ve proven time and again that there isn’t an integration we can’t make – and we have fun doing it!  (Yes, I guess that makes our ideas for fun a little on the weird side…)


Secured By miniOrange