The 18 Workday security checks Black Cat runs
Black Cat SSPM evaluates 18 security policies against your Workday configuration on every scan, classifies each finding by risk, and provides remediation steps. Below is the full list, grouped by category.
access control
Review and reduce security group membership
Remove unused security group or add members
Reduce domain permissions for this security group
audit
Enable user activity logging for the tenant
authentication
Strengthen password requirements to minimum 12 characters with complexity
Configure SSO for centralized authentication
Reduce session timeout to 60 minutes or less
Configure account lockout to prevent brute-force attacks
Renew the delegated authentication x.509 certificate
Disable local password fallback to enforce SSO
identity
Review and disable inactive Workday accounts
Disable the Workday account for this terminated worker
Assign a manager to this worker
integration security
Review and disable unused integrations
Reduce integration functional areas to minimum required
mfa
Enable MFA for this Workday user account
Enable MFA enforcement in the authentication policy
network security
Configure trusted IP ranges to restrict Workday access