Does conjur have the functionality to perform a search for secrets in the cloud projects and generate a report indicating at least their location, type, creation date and integration status to Secrets Management tool control.
2.Does Conjure Identify and alert the creation of secrets that are not in the control of Secrets Management tool.
3.Does Conjure support one-time password generation
4.Does Conjure record all actions performed by system administrators configuring the secrets in the destinations or repositories
Conjur cloud does not have the capability to search or identify the secrets. The same feature was in the roadmap of CyberArk Secrets Hub. Not sure if this is implemented
No. Conjur does not support one time password generation as of now.
Conjur keeps track of all activities happening within Conjur.
SIEM integration is possible. Conjur generates its audit logs and export in text and JSON formats which conform to the syslog protocol outlined in RFC 5424.
Most importantly, Conjur is not a secrets discovery solution rather its a secrets management solution. In order to discover the secrets any SAST tools or similar solutions in the market can be leveraged. Once they are discovered, get all those secrets into Conjur and consume them securely in pielines and containerized platforms.