Chat now with support
Chat with Support

Starling Identity Analytics & Risk Intelligence Hosted - User Guide

Starling Identity Analytics & Risk Intelligence Getting started Settings Collaborators Collector agents Licensing Rules Risk Verification Reports

Introduction to Risk Profile

The Risk Profile page is used to display the details for an account with high risk entitlement classification rules when the account name is clicked on the High Risk Accounts page or on the Rule Details page. This page is displayed when additional information is needed regarding a specific high risk account. For information on accessing this page, see Accessing the Risk Profile page or Viewing information about a matched account.

Accessing the Risk Profile page

The Risk Profile page provides insight into the selected high risk account.

To access the Risk Profile page

  1. Click Risk in the navigation bar to open a drop-down menu with additional links.
  2. Click High Risk Accounts in the drop-down menu to open the High Risk Accounts page.
  3. Locate the high risk account you want to view additional details on in the High Risk Accounts table at the bottom of the page. You can use the filtering options available on the page to locate the account.
  4. After locating the high risk account, click in the row associated with that account.

    NOTE: Hovering over the values in the Matched Entitlement Rules or Matched Entitlements columns displays a list of up to three of the associated rules or entitlements. Clicking See All in those dialogs opens the Account Evaluation Details page.

Risk Profile page

To access the Risk Profile page, see Accessing the Risk Profile page. The Risk Profile page is used for information regarding the risk level of an account.

The following information appears on this page:

(Account name)

This pane displays the name and information regarding the account.

# of Entitlements over Time

This chart displays the entitlements that triggered entitlement classification rules for each of the listed dates. Clicking the name of an entitlement type within the legend will remove the related data from the chart. Clicking the name of the entitlement type a second time will add the data back into the chart.

Percentage of Entitlements via Group Access

This chart displays the entitlements that triggered entitlement classification rules during the last evaluation date. Clicking a type of access within the legend will remove the related data from the chart. Clicking the type of access a second time will add the data back into the chart.

For information on the panes appearing at the bottom of the Risk Profile page, see Risk Profile panes.

Risk Profile panes

On the Risk Profile page there are two panes displayed at the bottom of the page. They display information on the matched rules and entitlements for the account.

Matched Rules pane
Matched Rules

This displays the number of entitlement classification rules that are currently triggered by the account’s entitlements. The table below specifies each of those matched entitlement classification rules.

To search based on a rule name, hover over this icon to display the Filter Rules field. Begin typing the name of the rule you want to locate and the Matched Rules table will update accordingly.

Rules

This column lists the name of the rule. A rule that resulted in an increased risk level for an existing high risk account is indicated by a icon. A rule that resulted in a newly designated high risk account is indicated by a icon.

Direct Entitlements/Group Entitlements display

The center portion of this table uses colored bars (a key is provided at the bottom of the table) to reflect the type and number of entitlement(s) associated with the entitlement classification rule (for example, a combination bar of light and dark blue shows that within the same entitlement classification rule both Direct Entitlements and Group Entitlements were matched). Hover over the bar for an explanation of what is being displayed.

Entitlements

This displays the total number of entitlement matches within the entitlement classification rule, regardless of whether they were direct or group entitlements.

Matched Entitlements pane
Matched Entitlements

This displays the number of entitlements that trigger the rules matched by this account. The table below specifies each of those matched entitlements.

To search based on an entitlement name, hover over this icon to display the Filter Entitlements field. Begin typing the name of the entitlement you want to locate and the Matched Entitlements table will update accordingly.

Permissions

This column lists the names of the entitlements. An entitlement that resulted in an increased risk level for the account is indicated by a icon. An entitlement that resulted in a newly designated high risk account is indicated by a icon.

Trustee

This column lists the name of the trustee that has been granted the permission.

Instance

This column lists the name of the instance in which the entitlement was granted to the account.

Target

For Active Directory and Active Rules entitlements this column shows the target container (Group, Domain-DNS, Organization-Unit, and so on) associated with the granted permissions. For Safeguard entitlements, this column shows either the entitlement name, user name, or a path-like value (which includes the entitlement name, policy name, and possibly an account name) associated with the granted permission. It also displays the number of targets that have been granted the permission.

Direct Entitlements/Group Entitlements display

This unlabeled column uses colored bars to indicate whether the permission is a direct or group entitlement. Hover over the bar for the entitlement type.

Rules

This column lists the number of rules the entitlement is associated with.

Selecting any rules or entitlements listed in these panes will display the associated Account Evaluation Details page

Related Documents