Product Ideas Portal

Got an idea for a new feature? Maybe a tweak to make something work even better? Wish there was an integration with another product to make you even more productive? You've come to the right place.

The Product Ideas Portal lets you submit whatever product feedback you have, good, bad, ugly, and anywhere between.

Want to stay anonymous? Don't worry, no email address or name fields are shared on the public portal. You can create an account which lets you vote on other people's ideas and receive updates when your idea's status changes.

To learn more about how an idea becomes a feature, check out this infographic.

Use permissions from injected credentials for file transfer/shell/registry etc

Currently as it stands (as I understand it), File Transfer, Command Shell, and Registry Access are an all-or-nothing feature, where if someone can transfer files they can do it with SYSTEM privileges. Even scarier, they can use a command shell with said privileges.


I think it would be extremely beneficial if, when using an ECM for credential injection, we had the ability to disable these tabs until the user is authenticated, and then use the permission level of the authenticated user's shell and file permissions.

  • Guest
  • Jun 21 2019
  • Under evaluation
  • Attach files
  • Guest commented
    15 Sep, 2020 03:23pm

    This is a much needed feature from security perspective. We use vault ECM for controlling who can access which server inside same Jump Groups. But everyone can open File Transfer/Command Shell/Registry Access on any server even their ECM credentials are not authorized to access such servers.
    BeyondTrust, please implement this feature in a future release.

  • Guest commented
    2 Oct, 2019 06:07pm

    I would agree.  Why expose these tabs when the user has not yet authenticated to the endpoint.  BeyondTrust support, when can this be done?