At Rabobank we're interested in obtaining the raw data from the Elasticsearch runnable. The statistics are stored in the Elasticsearch runnable and currently there is no way to export the raw data into a text file or something similar.
Architect/Designer - Support NTLM authentication for proxy
Almost all customers are using NTLM authentication for proxy servers as this is considered far more secure. With more and more customers moving to the cloud, the fact of only supporting basic authentication becomes a bottleneck as the security dep...
Azure AD Integration - Multi Factor Authentication (MFA)
The current authentication method for Aris Element / Advanced is using single-factor authentication (username/password). This is not secure enough; multi-factor authentication is the standard for business SaaS applications. Aris contains commerc...
Multiple LDAP - Remove limitation of 5 characters for LDAP ID
If you're using the Multiple LDAP functionality, the LDAP ID (com.aris.umc.ldap.connection.id) is limited to 5 characters, so it's not possible to use the Domain Name as the "identifier" as the ID will be added automatically in front of all userIDs t...
The finding impacts on Web UI and Desktop app.
The administrator is able to log in to the application with username and password only. A compromise of these credentials may cause serious security issues, like deletion of users, website defacement,...
Application Sends Sensitive Data Unencrypted via email
The finding impacts on the Web UI
Confidential data (such as electronic statements) is delivered to the user via an insecure channel such as email. This exposes potentially sensitive data in plaintext over local and intermediary networks. This tr...
To avoid our ARIS administrators having permanent access to high privileges on their Personal Accounts (PA), as they have those high privileges to perform user management tasks. The suggestion is to have a Non-Personal Account (NPA) instead, which c...
Scenario: Customer is using SAML SSO with import of users from IdP. Such users are created in UMC as local users. Users who are using SAML today are still able to reset their passwords, and use the "SKIPSSO" backdoor to log in with their identity...