We have redesigned and enhanced
the Identity page in SSPM to help you
better detect identity-related threats in your organization. Previously, you could
view account risks for one SaaS app instance at a time. The Identity page now
contains an overview of account risks across all instances of supported SaaS apps
used in your organization. You can still view information for a single SaaS app
instance by applying a filter to the overview.
The overview divides the threats into the threats detected for non-human identities
(such as services that authenticate to an API by using a token or an API key) and
human identities (accounts tied to individual people). For the non-human and human
identities, the threats are further categorized by the types of threats, such as
dormant accounts, overprivileged accounts, and guest accounts. In addition to
filtering the view to show data for a single instance of a SaaS app, you can filter
by human and non-human identities and by the types of identity threats.
Tables on the Identity page provide details for each individual threat that SSPM
detected, based on any filters that you have applied. An Identity
Threats table shows these threats based on individual SaaS accounts.
A separate Unique Identities table also shows threats, but in this table SSPM
attempts to resolve a user's various identities across SaaS apps into a single
unified identity. SSPM uses single sign-on (SSO) information from your identity
provider and common login email addresses to consolidate identities.