Supported detections

Identity Security Posture Management has the ability to detect the following issues in your organization. The detected issues are prioritized and listed in the order of severity on the Issues page of the ISPM console by default. Use the filters available on the Issues page to view issues that are more relevant to you.

Critical impact

Issue

Main risk category

Additional risk categories and segments

Old Password, No MFA, Unused Admin Accounts MFA Admin, Toxic combination
Old Password, No MFA, Unused Admin Service Accounts MFA NHI (Non-human identities), Admin, Toxic combination
No MFA - Global Admin Account MFA Admin
Leaked stale passwords - Accounts without MFA Password hygiene Toxic combination
Pending MFA - Global Admin Account MFA Admin

High impact

Issue

Main risk category

Additional risk categories and segments

Old Password, No MFA, Unused Accounts MFA Toxic combination
Old Password, No MFA, Unused service accounts MFA NHI, Toxic combination
Old Password - Global Admin Account Password hygiene Admin
Old Password - Global Admin Service Account Password hygiene NHI, Admin
Unused Global Admin Account Least privilege Admin
Unused Global Admin Service Account Least privilege NHI, Admin
Partially Off-boarded user Least Privilege Offboarding
No MFA - Admin Account MFA Admin
Pending MFA - Admin Account MFA Admin
No MFA Enforced - Global Admin Account MFA Admin
Excessive number of super admins Least privilege Admin
Emergency Admin In Use Least privilege NHI, Admin, Risky usage
SSO Bypass - Admin MFA Admin
Old Password - Admin Account Password hygiene Admin
Old Password - Admin Service Account Password hygiene Admin
Unrotated and unused keys and tokens - Admin Password hygiene NHI, Admin, Toxic combination
Unrotated keys and tokens - Admin Password hygiene NHI, Admin
Leaked stale passwords - Accounts with MFA Password hygiene Toxic combination
Unused Admin Account Least privilege Admin
Unused Admin Service Account Least privilege NHI, Admin
Unused Keys and Tokens - Admins Least privilege NHI, Admin
Service account with console access - Admin Least privilege NHI, Admin
Unused Administrative Roles Least privilege Admin
Unused Administrative Roles - Service Accounts Least privilege NHI, Admin
Unused AWS Administrative Permission Sets Least privilege NHI, Admin

Medium impact

Issue

Main risk category

Additional risk categories and segments

AWS cross-account privilege escalation Least privilege NHI, Admin
No MFA - Account MFA
Pending MFA - Account MFA
SSO Bypass - Account MFA
Old Password - Account Password hygiene
Old Password - Service Account Password hygiene NHI
Unrotated and unused keys and tokens - Account Password hygiene NHI, Toxic combination
Unrotated keys and tokens - Account Password hygiene NHI

Low impact

Issue

Main risk category

Additional risk categories and segments

Unused Account Least privilege
Unused Service Account Least privilege NHI
Service account with console access - Account Least privilege NHI
Unused keys and tokens - Account Least privilege NHI

Related topics

Integration guides