>
    Remediate Identity Security Risks
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. Remediate Posture Security Risks
    4. Remediate Identity Security Risks
    Download PDF
    SaaS Security

    Remediate Identity Security Risks

    Table of Contents

    Remediate Identity Security Risks

    Take action on identity security risks that you identified by using the Identity Security dashboard.
    Where Can I Use This?What Do I Need?
    • Strata Cloud Manager
    • SaaS Security Posture Management license
    Or any of the following licenses that include the Data Security license:
    • CASB-X
    • CASB-PA
    SaaS Security Posture Management includes an Identity page to help you identify misconfigurations in your identity posture. Specifically, the dashboard gives you visibility into common identity threats such as overpriviledged accounts, dormant accounts, and accounts with unrotated credentials. The identity page also reveals problems with multi-factor authentication (MFA), such as users with no MFA or with weak MFA.
    After you use the Identity Security dashboard to identify misconfigurations in your identity posture, you can take action to resolve the problems.
    1. Log in to Strata Cloud Manager.
    2. Select ManageConfigurationSaaS SecurityPosture SecurityIdentity.
    3. Investigate potential problems shown in the Identity page, and take action as needed.
      • Investigate dormant accounts and delete the accounts if they are not in use.
      • Investigate accounts that have not had their credentials rotated for a long period. Identify the person who can rotate the credentials. Delete the account if you're certain it's not in use.
      • Investigate overprivileged accounts and reduce the account permissions if that level of permission isn’t required.
      • Investigate guest accounts to ensure they are necessary and that their access to your resources is properly restricted.
      • Investigate local accounts, which are accounts that weren’t created through your identity provider. If possible, create a corresponding account through your identity provider so you can delete the local account.
      • Investigate users with no MFA or weak MFA. Hove these users enroll in strong second authentication factors that your organization requires. Create or modify policies to close the MFA enforcement gaps.
      If you linked SSPM to an issue tracking system, you can create a ticket to resolve the issue. For example, you might create a ticket for the administrator of the affected SaaS app to investigate the problem further. From the Identity Threats table, select one or more of the detected threats and File Ticket.

    © 2025 Palo Alto Networks, Inc. All rights reserved.