Elevate
If the users select Elevate as the policy action, configured users or users’ groups will be asked for elevation to run the configured application in the selected endpoints. In this step, the user is expected to choose the endpoints. These endpoints could be agents or agent groups that are grouped earlier in the agent dashboard.
In this step, users will be configuring child processes. When an application is launched it may be required to run some child processes to make the application function. Since not every application requires this and it could be used as an attack vector, system admins can decide whether this application will be permitted to call and execute child processes or not. If this is not configured with care, it can prevent applications from running normally.
In the last step, the user is expected to configure a just-in-time access configuration. When an agent blocks an application users can ask for an elevation to access the blocked application. Users can configure the required security steps to grant access to the user. This can be configured separately for admins and standard users. To get access depending on the configuration users can be asked for MFA and Managerial approval via email.