We have redesigned and enhanced the Identity page in SSPM to help you better detect identity-related threats in your organization. Previously, you could view account risks for one SaaS app instance at a time. The Identity page now contains an overview of account risks across all instances of supported SaaS apps used in your organization. You can still view information for a single SaaS app instance by applying a filter to the overview.

The overview divides the threats into the threats detected for non-human identities (such as services that authenticate to an API by using a token or an API key) and human identities (accounts tied to individual people). For the non-human and human identities, the threats are further categorized by the types of threats, such as dormant accounts, overprivileged accounts, and guest accounts. In addition to filtering the view to show data for a single instance of a SaaS app, you can filter by human and non-human identities and by the types of identity threats.

Tables on the Identity page provide details for each individual threat that SSPM detected, based on any filters that you have applied. An Identity Threats table shows these threats based on individual SaaS accounts. A separate Unique Identities table also shows threats, but in this table SSPM attempts to resolve a user's various identities across SaaS apps into a single unified identity. SSPM uses single sign-on (SSO) information from your identity provider and common login email addresses to consolidate identities.