One of the biggest challenges with Team / Shared website credentials is lack of non-repudiation. Multiple users can access the same credentials at the same time so it’s difficult to trace who did what on the target web application.
Using existing or a separate browser extension the user session to the particular target website can easily be recorded on user actions like click, keystroke etc and store those recordings as a separate audit. Almost all the PAM systems in the market offer this feature.
Hey @pcm just to confirm, you’re looking to audit more than what is available in the current event reporting functionality that can be piped out to external SIEM tools? Event Logs | Bitwarden