The Risk Profile page is used to display the details for an account with high risk entitlement classification rules when the account name is clicked on the High Risk Accounts page or on the Rule Details page. This page is displayed when additional information is needed regarding a specific high risk account. For information on accessing this page, see Accessing the Risk Profile page or Viewing information about a matched account.
The Risk Profile page provides insight into the selected high risk account.
To access the Risk Profile page
After locating the high risk account, click in the row associated with that account.
NOTE: Hovering over the values in the Matched Entitlement Rules or Matched Entitlements columns displays a list of up to three of the associated rules or entitlements. Clicking See All in those dialogs opens the Account Evaluation Details page.
To access the Risk Profile page, see Accessing the Risk Profile page. The Risk Profile page is used for information regarding the risk level of an account.
The following information appears on this page:
This pane displays the name and information regarding the account.
This chart displays the entitlements that triggered entitlement classification rules for each of the listed dates. Clicking the name of an entitlement type within the legend will remove the related data from the chart. Clicking the name of the entitlement type a second time will add the data back into the chart.
This chart displays the entitlements that triggered entitlement classification rules during the last evaluation date. Clicking a type of access within the legend will remove the related data from the chart. Clicking the type of access a second time will add the data back into the chart.
For information on the panes appearing at the bottom of the Risk Profile page, see Risk Profile panes.
On the Risk Profile page there are two panes displayed at the bottom of the page. They display information on the matched rules and entitlements for the account.
This displays the number of entitlement classification rules that are currently triggered by the account’s entitlements. The table below specifies each of those matched entitlement classification rules.
To search based on a rule name, hover over this icon to display the Filter Rules field. Begin typing the name of the rule you want to locate and the Matched Rules table will update accordingly.
This column lists the name of the rule. A rule that resulted in an increased risk level for an existing high risk account is indicated by a icon. A rule that resulted in a newly designated high risk account is indicated by a icon.
The center portion of this table uses colored bars (a key is provided at the bottom of the table) to reflect the type and number of entitlement(s) associated with the entitlement classification rule (for example, a combination bar of light and dark blue shows that within the same entitlement classification rule both Direct Entitlements and Group Entitlements were matched). Hover over the bar for an explanation of what is being displayed.
This displays the total number of entitlement matches within the entitlement classification rule, regardless of whether they were direct or group entitlements.
This displays the number of entitlements that trigger the rules matched by this account. The table below specifies each of those matched entitlements.
To search based on an entitlement name, hover over this icon to display the Filter Entitlements field. Begin typing the name of the entitlement you want to locate and the Matched Entitlements table will update accordingly.
This column lists the names of the entitlements. An entitlement that resulted in an increased risk level for the account is indicated by a icon. An entitlement that resulted in a newly designated high risk account is indicated by a icon.
This column lists the name of the trustee that has been granted the permission.
This column lists the name of the instance in which the entitlement was granted to the account.
For Active Directory and Active Rules entitlements this column shows the target container (Group, Domain-DNS, Organization-Unit, and so on) associated with the granted permissions. For Safeguard entitlements, this column shows either the entitlement name, user name, or a path-like value (which includes the entitlement name, policy name, and possibly an account name) associated with the granted permission. It also displays the number of targets that have been granted the permission.
This unlabeled column uses colored bars to indicate whether the permission is a direct or group entitlement. Hover over the bar for the entitlement type.
This column lists the number of rules the entitlement is associated with.
Selecting any rules or entitlements listed in these panes will display the associated Account Evaluation Details page