BalkanID Copilot
This document provides answers to common questions regarding the BalkanID Copilot, including common use-cases.
BalkanID Copilot enhances the user experience of BalkanID identity security and governance, allowing users to obtain answers by typing their questions in natural language. The technology behind BalkanID Copilot features a sophisticated data linkage system that facilitates fast querying and deep analytical capabilities. It also utilizes large language models (currently GPT-4o) to interact with the user. All our data is sourced from the BalkanID App.
Gain insights from your enterprise identity data quickly by asking questions in simple, non-technical language. Let BalkanID Copilot build your query from the questions you ask, or take advantage of common pre-built questions.
Insights are useful, but the true advantage of BalkanID Copilot lies in its automation. By generating playbooks, you can automate complex identity management tasks through Python code or text and visual query flowcharts.
Create custom reports by asking questions in simple, non-technical language, or choose from a set of pre-defined report templates. Let BalkanID Copilot stitch together a report to suit your needs, without a complex reporting user interface, filters, or code.
The BalkanID Copilot is a discovery tool that can answer questions regarding a company’s employees, their identities, connections, resources, permissions and the integrated applications. It can also answer questions regarding access reviews, requests and campaigns, IAM risks and findings, BalkanID-generated Roles and BalkanID Just-In-Time Purpose-Based Access Control (JITPBAC). While answering these questions, we also flag useful insights like SoD violations, privileged entities and terminated employees. This data is sourced from the entitlements and reviews data on the BalkanID app.
Here are some questions that you could try on the BalkanID App:
What identities are members of privileged groups in AWS?
Show me all employees, their departments, and job titles.
What applications have been integrated?
List all applications and the number of unmapped identities they contain.
Which user has the highest number of connections?
How many resources does each application contain?
List all terminated employees and their connections.
Show me terminated employees who have access to resources in various applications.
List all the campaigns and their progress.
What are the campaigns that target terminated employees?
Show me all the privileged permissions
List all identities that were reviewed, along with the campaign name and application details
List identities that have been reviewed in the last 90 days, along with the application and review details
List connections that have been reviewed in the last 90 days, along with the application and review details
List resources that have been reviewed in the last 90 days, along with the application and review details
List identities that have not been reviewed in the last 90 days, along with the application and review details
List connections that have not been reviewed in the last 90 days, along with the application and review details
List resources that have not been reviewed in the last 90 days, along with the application and review details
What campaigns are overdue?
Who has created the most number of requests?
List all grant requests over the past 3 months that were approved. Who are the reviewers?
What purposes are defined and who is eligible for them?
Who gained access via Purposes this week?
What purposes are set to expire before the end of the month?
List the accesses via purposes that are not least privileged. Also list the applications, and identities who have the accesses.
Create a joiner playbook for new employees
Create a playbook to revoke access for terminated employees who have active identities in AWS
Note:
Questions about connections, resources, and permissions should be enclosed in double quotes, e.g. Who all have access to the “aws-prod-admin” connection?
Your interactions with BalkanID Copilot are private and secure. Only authorized personnel within BalkanID may access this information to ensure correctness and better user experience.
The BalkanID Copilot does not send PII to OpenAI or any other LLMs for its primary functionality. However, aggregated statistical data from query results is sent to OpenAI or other LLMs to generate summaries that make it easy for the user to interpret the result. This is not the case when the BalkanID Copilot is self-hosted (or hosted in a contained environment dedicated to the customer), which is an option provided to run BalkanID Copilot.
BalkanID Copilot can be deployed on top of existing Identity Security, IGA, PAM, IAM, and Service Desk tools such as Okta, Microsoft Entra, Jira, SailPoint, etc.
Copilot enhances and complements your current IGA and IAM solutions in several ways, including:
Serving as an analytics and custom reporting tool
Feeding intelligence into IGA and IDP systems to boost workflows, such as:
Generating and feeding RBAC roles, policies, and recommendations during access request lifecycle and access review certification
Providing actionable insights and playbooks
Here you can find our overall .
To enable BalkanID Copilot on your tenant, contact your customer success representative or email at any time to discuss options.