Hi Alex,
Thanks for the reference, but I need to correct it:
We (Xiting) provide the ability to enrich SU24 so that decisions are transferred to the menu of the role as much as possible, and the ability to perform simulations of authorizations in role(s) to verify whether they would have failed without them actually having to fail. This transfers irritant test system activities to passive simulations in production and authorization sensitive code scans in development.
But we do not offer a GRC Risk Terminator alternative which warns admins in PFCG before they add access to a role. That is the domain of GRC.
While on the topic: What I would like to have however though is a webservice from GRC to integrate into the trace environment though. That way GRC could be used to perform SOD type checks at the time of trouble-shooting and not when making the changes. Unfortunately GRC does not provide this.. :-(
Cheers,
Julius