Use Cases
Explore various use cases for managing identity and access within Sysdig Secure.
| Section | Panel Name | Tooltip | User Story | |
|---|---|---|---|---|
| Overview | Critical & High Severity Findings | Critical & High Severity Findings is the total number of urgent Identity hygiene issues. Use this to assess the overall scope of severe identity risks. | As a Program Owner, I want to quickly understand the total number of severe hygiene issues so I can assess the overall risk and prioritize immediate remediation efforts. | |
| Overview | Critical & High Severity Findings (Last 30 Days) | Shows the trend of severe identity hygiene issues over time. Use this to track changes and evaluate remediation efforts. | As a Program Owner, I want to track the trend of severe identity hygiene issues over time, broken down by identity type, so I can measure the effectiveness of my hygiene improvement efforts, identify emerging problems, and prioritize resources for the most critical areas. | |
| Overview | Top Critical & High Severity Findings | Shows the most common urgent identity hygiene issues. Use this to identify and prioritize the most critical misconfiguration. | As a Program Owner, I want to view the most critical identity hygiene findings, so I can address high-risk misconfiguration without delay. | |
| Identity Hygiene | Key Management Findings | Summarizes issues related to access key misconfiguration. Use this to mitigate risks from exposed or improperly managed access keys. | As a Program Owner, I want to monitor identities with access key misconfiguration (for example, “Access Key Not Rotated” or “Multiple Active Keys”), so I can reduce risks of key misuse. |
| Section | Panel Name | Tooltip | User Story |
|---|---|---|---|
| Overview | Average Unused Permissions | Average percentage of excessive permissions across all identities. Use this to evaluate adherence to least privilege. | As a Program Owner, I want to see the average percentage of excessive permissions across my identities so I can gauge the overall effectiveness of my least privilege enforcement efforts. |
| Overview | Average Unused Permissions (Last 30 days) | Shows the trend of excessive permissions over time. Use this to monitor progress in reducing over-permissioned identities. | As a Program Owner, I want to track the trend of excessive permissions over time, broken down by identity type, so I can measure progress, identify potential regressions, and understand which identity types require the most attention. |
| Least Privilege | IAM Policies With Most Unused Permissions | Lists IAM policies with the highest percentages of excessive permissions. Use this to target policies for least privilege refinement. | As a Program Owner, I want to identify IAM Policies with high percentages of unused permissions, so I can refine and enforce least privilege effectively. |
| Least Privilege | Groups With Most Unused Permissions | Lists IAM groups with the highest percentages of unused permissions. Use this to refine group-level access and reduce excessive permissions. | As a Program Owner, I want to identify groups with high percentages of excessive permissions so I can focus on right-sizing group permissions and reducing the risk of widespread privilege escalation. |
| Least Privilege | Users With Most Unused Permissions | Lists IAM users with the highest percentages of unused permissions. Use this to identify users for access rights cleanup. | As a Program Owner, I want to identify individual users with high percentages of excessive permissions so I can investigate potential insider threats or compromised accounts and enforce least privilege principles. |
| Least Privilege | Roles With Most Unused Permissions | Lists IAM roles with the highest percentages of unused permissions. Use this to refine over-permissioned roles. | As a Program Owner, I want to identify Roles with high percentages of unused permissions, so I can refine and enforce least privilege effectively. |
| Least Privilege | Service Identities With Most Unused Permissions | Lists service identities with the highest percentages of unused permissions. Use this to refine automated account access and enforce least privilege. | As a Program Owner, I want to identify Service Identities with high percentages of unused permissions, so I can refine and enforce least privilege effectively. |
| Identity Hygiene | Inactive Identities by Resource Family | Shows a breakdown of inactive identities by resource family. Use this to identify dormant accounts and improve lifecycle hygiene. | As a Program Owner, I want to see the count of inactive identities by Resource Family so I can identify accounts that may be vulnerable to takeover and improve my identity lifecycle management processes. |
| Identity Hygiene | Longest Inactive Users | Lists users with the longest periods of inactivity. Use this to identify stale accounts and reduce exposure to compromise. | As a Program Owner, I want to identify users with the longest periods of inactivity so I can assess the risk of compromised accounts and enforce account lifecycle policies (for example, disable or remove stale accounts). |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.
