Docs
All About Hydden
Dashboards
Identity Posture

Identity Posture

Identity Posture

The Identity Posture dashboard is a data visualization page. The page shows the widgets explained in detail below.

Threat Score

This widget gives users a high-level view of all the account threat rankings grouped by Low, Moderate, and Critical and an overall Tenant Threat score based on the same three groupings.

img
Threat Score widget

Total Discovered Identities

The total number of Identities discovered by Hydden collectors provides an identity footprint within an organization.

An identity is typically the digital representation of a person, similar to a driving license or a passport. However, it’s important to note that it’s not directly used for authentication, but rather to represent the person who may perform an authentication.

img
Total Discovered Identities widget

Total Discovered Accounts

The total number of Accounts discovered by Hydden collectors provides an account footprint within an organization.

In contrast to an identity, accounts are the objects used to authenticate. Common account types are User Accounts, Service Accounts, and Computer Accounts. Most accounts are comprised of authentication pairs, such as a username and password or client ID and client secret. Hydden only collects account information and metadata and does not collect the more sensitive password information, such as password hashes or keys.

img
Total Discovered Accounts widget

Accounts Mapped to Identities

This widget provides users with an overview of how well-managed their accounts are, such as whether every account has an owner (someone or something). Accounts without owners represent a threat to the organization, so this data is important to ensure an organization is maintaining a good identity management posture.

img
Accounts Mapped to Identities widget

Account Mapping History

Use the Account Mapping History link to view your organization’s trends around identity mapping, which shows if the overall identity posture has been improving or deteriorating over time.

Discovered Accounts by Platform

The Discovered Accounts by Platform widget provides an overview of where the majority of an organization’s accounts are located. The top three platforms are visualized on the widget.

img
Discovered Accounts by Platform widget - showing the top three platforms

New Accounts

The New Accounts widget shows the number of new accounts detected by selecting the day, week, or month button. If the number of new accounts unexpectedly rises, this widget helps identify possible attacks and/or suspicious behavior. This data point helps users identify threats or attacks quicker (see new accounts history to support this widget).

img
New Accounts widget

Shared Accounts

This widget provides an overview of the number of accounts that are mapped to more than one identity. Shared accounts are viewed negatively for a company’s overall identity posture.

img
Shared Accounts widget

Stale Accounts

The Stale Accounts widget shows the number of accounts that had their last login more than 3, 6, or 12 months or potentially never. Looking at stale accounts helps an organization perform proper Identity Hygiene, which is critical to reducing the identity attack surface. With this widget, organizations can identify the number of accounts not being used and refer to a report to assist with account clean-up. Good identity hygiene requires keeping the number of unused/unnecessary accounts as low as possible.

img
Stale Accounts widget

Stale Passwords

The Stale Passwords widget shows the number of accounts that have a password that was last changed either over 3, 6 months, or 12 months ago or never had a password. Looking at stale passwords helps an organization perform proper Identity Hygiene, which is critical to reducing the identity attack surface. With this widget, organizations can identify the number of accounts that have old passwords and refer to a report to assist with remediation efforts. Good identity hygiene requires users to change their passwords regularly to help reduce security threats caused by password data breaches.

img
Stale Passwords widget

Failed Logons

The Failed Logons widget shows the number of failed sign-ins for the last 3, 6, or 12 months. This widget helps identify possible attacks and/or suspicious behavior should the number of failed log-ins increase unexpectedly.

img
Failed Sign-ins widget

MFA Status

This widget shows the number of different MFA providers detected during Hydden discoveries. MFA attacks are now becoming the norm for identity-related breaches and most MFA deployments in organizations are not properly configured. Organizations have multiple MFA providers (Duo, Okta) and resources that are not properly integrated and/or lack real-time visibility into MFA status at a user level, resource level, account level, or macro level.

img
MFA Status widget

Compromised Identities and Accounts

Knowing what accounts and/or identities have been compromised in any known data breach allows users of Hydden to take appropriate action to ensure that the account remains secure.

img
Compromised Identities and Accounts widget

This widget shows three data points:

  • Compromised Accounts: The number of discovered accounts that match data in any 3rd party RISK feed, for example, “Have I been pwned”.
  • Compromised Identities: Number of identities whose email address(es) match on known data breaches.
  • High-Risk Accounts: The Number of discovered accounts that match data in any 3rd party RISK feed, for example, “Have I been pwned”, who have not changed their password since the data breach occurred.

To access the report, click View History.

Discovered Groups

This widget shows the total number of Discovered Groups (Total Groups) and the total number of Discovered Privileged Groups (Privileged Groups).

img
Discovered Groups widget

Discovery Analytics