Dynamic user groups help you to automate security policy. Users are automatically added to dynamic user groups based on tags, without requiring you to manually create and commit policy or group changes. When Prisma Access detects anomalous user behavior or malicious activity, it can auto-tag the associated user and the tag adds the user to a dynamic user group. This means you can automatically enforce remediation actions for users based on their activity.

To set up dynamic user groups, go to ManageConfigurationObjectsDynamic User Groups.

Learn more about dynamic user groups (DUGs) and other objects that you can create to use as policy building blocks.