Identity Intelligence

Modified on Thu, 5 Sep at 7:08 PM


CloudDefense.AI's Cloud Identity Entitlement Management (CIEM) helps you govern your cloud identities and minimize the risk they pose to your organization by revealing unused identities and identities with excessive or risky privileges.


CloudDefense.AI provides details about the risk factors associated with identities, such as use of access keys, lack of multi-factor authentication, and internet exposure. This information can help you detect identity-related risks such as identity theft, and gauge the blast radius of a potential breach.

The goal is that identities are granted only the smallest set of permissions needed to do their tasks. CIEM provides in-depth visibility into the permissions granted to cloud entities and calculates which permissions are effective.
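To make the risk factors named above concrete, the following added example (not CloudDefense.AI code, and not how the product computes its findings) labels IAM users from rows in the AWS IAM credential report layout. The sample rows are constructed, the 90-day "unused" threshold is an assumption, and the label names "Access key" and "Unused" are illustrative.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample in the AWS IAM credential report column layout
# (only the columns read below; real reports carry more).
SAMPLE_REPORT = """user,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_used_date
alice,true,2024-08-30T10:00:00+00:00,true,false,N/A
bob,true,2024-03-01T09:00:00+00:00,false,true,2024-02-20T12:00:00+00:00
ci-deploy,false,N/A,false,true,2024-09-01T08:00:00+00:00
old-svc,false,N/A,false,true,N/A
"""

UNUSED_AFTER = timedelta(days=90)  # assumed threshold, not a product setting


def parse_ts(value):
    """Return an aware datetime, or None for N/A, no_information or empty."""
    try:
        return datetime.fromisoformat(value)
    except ValueError:
        return None


def label_identities(report_csv, now):
    """Map each user name to the list of risk labels that apply to it."""
    results = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        labels = []
        console = row["password_enabled"] == "true"
        key_active = row["access_key_1_active"] == "true"
        if console and row["mfa_active"] != "true":  # console login, no MFA
            labels.append("No MFA")
        if key_active:  # long-lived credential in use
            labels.append("Access key")
        # Last activity is the most recent use of any credential.
        seen = [t for t in (parse_ts(row["password_last_used"]),
                            parse_ts(row["access_key_1_last_used_date"])) if t]
        last = max(seen) if seen else None
        if (console or key_active) and (last is None or now - last > UNUSED_AFTER):
            labels.append("Unused")
        results[row["user"]] = labels
    return results


if __name__ == "__main__":
    now = datetime(2024, 9, 5, tzinfo=timezone.utc)
    for user, labels in label_identities(SAMPLE_REPORT, now).items():
        print(f"{user:10} {', '.join(labels) or 'no labels'}")
```

An identity that still holds an active credential but has never used it (`old-svc` in the sample) is treated as unused, since it adds exposure without serving any task.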


View Identity Details:


View Risks associated with an Identity:



Recommended Access:


The top of the identity intelligence page gives the user an overview of the cloud account, including:

  1. Number of identities
  2. Number of users
  3. Number of services
  4. 3rd Party Identities
  5. Federated Identities

It also shows an evaluation of the severity level of the IAM users and roles.



The identity intelligence page has 5 filters for narrowing the data and findings of IAM users and roles:

  • IAM type filter
  • Severity filter
  • Services filter
  • Label filter
  • Last activity filter


Users can also see:

  • All the IAM users and roles
  • Their last activity
  • Services used by IAM users and roles
  • Findings for IAM users and roles


IAM type filter:


The user can filter the results on the identity intelligence page by IAM type. The IAM type filter gives separate views of IAM users and IAM roles.


Severity filter:


The user can also filter the results on the identity intelligence page by severity. Four severity levels are available: Critical, High, Medium, and Low.



Services filter:


An IAM user might use several services on a platform, e.g. Amazon Managed Service for Prometheus, Amazon EC2, Amazon Route 53 Domains, AWS CloudWatch RUM, Amazon Connect Voice ID, etc. Users can therefore also filter the results on the page by the services used by the IAM user.


Label filter:


The label filter allows the user to filter the results on the identity intelligence page by label, e.g. MFA, No MFA, Admin, EC2 elevated permission, 3rd party, etc.



Last activity filter:


The last activity filter allows the user to select a date range and see the results that fall within it.



All IAM users and roles:


The IAM column of the identity intelligence page lists all the IAM users and roles.


Last activity:


The last activity column shows the last activity of each IAM user and role.



Service:


The service column shows the number of services used by the IAM user. It also has a modal view that lists the services.




Findings: 


The findings column shows the number of findings generated for the IAM user or role. It has a brief modal view and a detailed modal view. Clicking the number of findings opens the brief view.



Findings also have a details view in the modal. By clicking on the IAM user or role, the user can see the details of each finding and take the necessary action.


The modal also shows more information about the IAM user or role, e.g. general info, credentials info, attached policy info, etc.


The permission tab of the modal shows the resources and services of the IAM user or role in a graph view.
