Identity Overview

The Identity Overview page provides a high-level view of your cloud identity and access management (IAM) posture, displaying key metrics, trends, and top findings to help you quickly identify and prioritize areas for improvement.

Access the Overview

To access the Identity Overview dashboard, log in to Sysdig Secure and navigate to Identity > Overview from the left navigation bar.

This documentation reflects the Identity Overview page as it appears with Advanced CIEM enabled. If you’re using Basic CIEM, panels based on observed entitlement usage will not be available.

Highlights

The Identity Overview dashboard is designed for rapid identification of:

  • The overall scope of severe identity risks in your environment.
  • Your adherence to least privilege principles through unused permissions.
  • Trends in identity hygiene issues and the effectiveness of your remediation efforts.
  • The most critical misconfigurations and risky access patterns across various identity types.

It provides quick insights into your worst identity problems, enabling you to streamline remediation and enhance your cloud security posture.

Interactive Behavior and Filtering

  • Clicking on panels or rows within tables (for example, a specific finding type in Top Critical & High Severity Findings or a user in Users with Most Unused Permissions) will navigate you to the Identity Findings page with filters automatically applied to match your selection. This allows for immediate drill-down into the details relevant to your area of interest.
  • The dashboard can be filtered globally using the options in the upper-left corner:
    • Zone: Filter data by one or more Zones, which are logical groupings of resources such as accounts, clusters, or applications.
    • Platform: Filter by specific cloud platforms (for example, AWS, Azure, GCP).
    • Observed > 90 Days: This filter helps you focus on identities that have been observed by Sysdig Secure for a minimum of 90 days. Filtering for observed identities helps ensure that the least privilege recommendations are based on a sufficient period of activity profiling, providing higher confidence in the insights.

Dashboard Panels

The Identity Overview dashboard is organized into several sections, each providing insights into different aspects of your identity security posture.

Overall Posture Metrics

These panels provide a high-level summary of your most critical identity findings and unused permissions across the environment.

| Panel | Description |
| --- | --- |
| Critical & High Severity Findings | Critical & High Severity Findings is the total number of urgent identity hygiene issues. Use this to assess the overall scope of severe identity risks. Note: This data point is the most current count from your latest scan. This number will update as scans complete. |
| Average Unused Permissions | Average Unused Permissions is the average percentage of excessive permissions across all identities. Use this to evaluate overall adherence to least privilege principles. |
| Average Unused Permissions (Last 30 Days) | Average Unused Permissions (Last 30 Days) shows the trend of excessive permissions over time. Use this to monitor progress in reducing over-permissioned identities. |
| Critical & High Severity Findings (Last 30 Days) | Critical & High Severity Findings (Last 30 Days) shows the trend of severe identity hygiene issues over time. Use this to track changes in severe findings and evaluate remediation efforts. |
| Top Critical & High Severity Findings | Top Critical & High Severity Findings shows the most common urgent identity hygiene issues. Use this to identify and prioritize the most critical misconfigurations. Columns: Finding type, Severity, # findings. |

Unused Permissions

These tables highlight identities with excessive permissions, helping you prioritize least privilege refinement efforts.

| Unused Permissions | Description | Columns |
| --- | --- | --- |
| Users with Most Unused Permissions | Lists IAM users with the highest percentages of unused permissions. Use this to identify users for access rights cleanup. | User name, Zones, Context, Unused Permission Criticality (sortable), % of Unused Permissions (sortable) |
| Roles with Most Unused Permissions | Lists IAM roles with the highest percentages of unused permissions. Use this to refine over-permissioned roles. | Role name, Zones, Context, Unused Permission Criticality (sortable), % of Unused Permissions (sortable) |
| Groups with Most Unused Permissions | Lists IAM groups with the highest percentages of unused permissions. Use this to refine group-level access and reduce excessive permissions. | Group name, Zones, Context, Unused Permission Criticality (sortable), % of Unused Permissions (sortable), Membership |
| Service Identities with Most Unused Permissions | Lists service identities with the highest percentages of unused permissions. Use this to refine automated account access and enforce least privilege. | Service Identity name, Zones, Context, Unused Permission Criticality (sortable), % of Unused Permissions (sortable) |
| IAM Policies with Most Unused Permissions | Lists policies with the highest percentages of excessive permissions. Use this to target policies for least privilege refinement. | Policy name, Zones, Context, Unused Permission Criticality (sortable), % of Unused Permissions (sortable), Policy Type, Shared |

Identity Hygiene Section

These panels help you identify and manage various identity hygiene issues, reducing the attack surface.

| Panel | Description | Columns |
| --- | --- | --- |
| Longest Inactive Users | Longest Inactive Users lists users with the longest periods of inactivity. Use this to identify stale accounts and reduce exposure to compromise. | Cloud IAM User, Platform, Days inactive (sortable) |
| Inactive Identities by Resource Family | Inactive Identities by Resource Family shows a breakdown of inactive identities by resource family. Use this to identify dormant accounts and improve lifecycle hygiene. | Visualization: Donut chart of Inactive Identities (split by Groups/Roles/Users/Service Accounts), showing count by identity type. |
| Key Management Findings | Key Management Findings summarizes issues related to access key misconfiguration. Use this to mitigate risks from exposed or improperly managed access keys. | Finding Type, Severity |