Starling Identity Analytics & Risk Intelligence Hosted - User Guide

Starling Identity Analytics & Risk Intelligence Getting started Settings Collaborators Collector agents Licensing Rules Risk Verification Reports

Entitlements view

The Account Evaluation Details list is displayed at the bottom of the Account Evaluation Details page. When Entitlements is selected, via the toggle located above the list, the following information appears:

(Entitlement name)

This is the name of the entitlement. An entitlement that resulted in an increased risk level for an existing high risk account is indicated by a icon. A new high risk entitlement that is associated with the account is indicated by a icon.

To locate a specific entitlement, hover over the icon above the list to display the Filter Entitlements field. Begin typing the name of the entitlement you want to locate and the Entitlements view will update accordingly.

(Trustee name)

This is the trustee that has been granted the entitlement.

(Data source type)

This is the type of data source associated with the entitlement.

(Instance name)

This is the name of the data source instance.

(Target)

This is the name of the target or, in cases where multiple targets apply, the type of target.

Rules

This is the number of matched rules for the entitlement

Expanding an entitlement in the list displays a table with the following information:

Matched Rules

This is the name of the matched rule. Clicking the rule name will switch to the Rules view. A rule that resulted in an increased risk level for an existing high risk account is indicated by a icon. A new high risk rule that is associated with the account is indicated by a icon. Clicking the name of the rule switches to the Rules view for the rule.

Granted Target

When applicable, this column will be displayed to show the number of targets granted by the permission. Clicking on the value opens the Target Details page

Affected Objects

When applicable, this column will be displayed to show the number of objects affected by the permission. Clicking on the value opens the Affected Object page which lists the affected and unaffected objects associated with the rule. If the affected objects are the same as the granted targets then nothing will be listed in this column. If there are no affected objects then the Affected Objects page will not be available for the permission.

Verification

This column displays the current verification status for the associated rule. The following statuses may appear:

  • Pending: This status shows that a request for verification has occurred but has not yet been completed. A pending verification request may be canceled by an administrator manually on the Verification page, or may be canceled automatically by Starling Identity Analytics & Risk Intelligence if the configuration or data is changed which causes the rule to no longer be matched for the account. This can occur when the rule is disabled or deleted, a default rule is replaced with a cloned rule, the data source instance is unlicensed, or the matched entitlements are removed from the data source instance for the account.
  • Approved: This status shows that the user has been confirmed as needing to match the listed rule.
  • Rejected: This status shows that although the data source currently has the user matching this rule, this should not be the case. Any rules marked Rejected should be removed for the user within the data source.

Requesting verification

The following procedure explains how to request verification that the listed user should in fact match this rule.

To request verification

  1. Click Risk in the navigation bar to open a drop-down menu with additional links.
  2. Click High Risk Accounts in the drop-down menu to open the High Risk Accounts page.
  3. Locate the high risk account you want to view additional details on in the High Risk Accounts table at the bottom of the page. You can use the filtering options available on the page to locate the account.
  4. After locating the high risk account, click in the row associated with that account to open the Risk Profile page.

  5. Click one of the rules listed in the Matched Rules section to open the Account Evaluation Details page.
  6. On the Account Evaluation Details page, locate the rule for the user that you want to verify and click the associated Request verification. To locate a specific rule, use the button at the top of the table to search according to rule name.

    NOTE: If you do not have a verifier account available, you will be unable to proceed until a new collaborator with the appropriate permissions is invited to your organization.

  7. In the Request Verification dialog, the information to be verified will be listed along with the Assign to verifier drop-down menu. Select the name of the verifier using the drop-down menu.
  8. Click Submit Request. The selected verifier will be notified that verification has been requested and the Account Evaluation Details page will update to display the current status of your verification request. The request will also be listed on the Verification page.

    After a request has been sent, clicking on the verification column will direct you to additional information regarding the status of the request. For more information, see Verification Details page.

Introduction to Target Details

The Target Details page is used for displaying the granted and not granted targets associated with a rule. This page is displayed by clicking on the expanded information for any of the rules listed on the Account Evaluation Details page.

Target Details page

To display the Target Details page, click on the value in the Granted Target column for an expanded rule or entitlement listed on the Account Evaluation Details page. The Target Details page is used for listing the targets granted by the permission.

The following information appears on this page:

(Account name)

This pane displays the name and information regarding the account. Increased high risk accounts are indicated by a . New high risk accounts are indicated by a icon.

(Rule name)

This displays the name and information regarding the rule. A rule that resulted in an increased risk level for an existing high risk account is indicated by a icon. A new high risk rule that is associated with the account is indicated by a icon. An icon will also appear next to the permissions to indicate the change to the entitlements.

Granted (target type)

This displays the percentage of this target type (for example, Group or OrganizationalUnit) granted to the permission. The total number of granted targets appears beneath the percentage.

Not Granted (target type)

This displays the percentage of this target type (for example, Group or OrganizationalUnit) not granted to the permission. The total number of not granted targets appears beneath the percentage.

The table at the bottom of the page displays specific information regarding the granted and not granted targets. For more information, see Target Details table.

Related Documents