Supported detections
Identity Security Posture Management has the ability to detect the following issues in your organization. The detected issues are prioritized and listed in the order of severity on the Issues page of the ISPM console by default. Use the filters available on the Issues page to view issues that are more relevant to you.
Critical impact
|
Issue |
Main risk category |
Additional risk categories and segments |
|---|---|---|
| Old Password, No MFA, Unused Admin Accounts | MFA | Admin, Toxic combination |
| Old Password, No MFA, Unused Admin Service Accounts | MFA | NHI (Non-human identities), Admin, Toxic combination |
| No MFA - Global Admin Account | MFA | Admin |
| Leaked stale passwords - Accounts without MFA | Password hygiene | Toxic combination |
| Pending MFA - Global Admin Account | MFA | Admin |
High impact
|
Issue |
Main risk category |
Additional risk categories and segments |
|---|---|---|
| Old Password, No MFA, Unused Accounts | MFA | Toxic combination |
| Old Password, No MFA, Unused service accounts | MFA | NHI, Toxic combination |
| Old Password - Global Admin Account | Password hygiene | Admin |
| Old Password - Global Admin Service Account | Password hygiene | NHI, Admin |
| Unused Global Admin Account | Least privilege | Admin |
| Unused Global Admin Service Account | Least privilege | NHI, Admin |
| Partially Off-boarded user | Least Privilege | Offboarding |
| No MFA - Admin Account | MFA | Admin |
| Pending MFA - Admin Account | MFA | Admin |
| No MFA Enforced - Global Admin Account | MFA | Admin |
| Excessive number of super admins | Least privilege | Admin |
| Emergency Admin In Use | Least privilege | NHI, Admin, Risky usage |
| SSO Bypass - Admin | MFA | Admin |
| Old Password - Admin Account | Password hygiene | Admin |
| Old Password - Admin Service Account | Password hygiene | Admin |
| Unrotated and unused keys and tokens - Admin | Password hygiene | NHI, Admin, Toxic combination |
| Unrotated keys and tokens - Admin | Password hygiene | NHI, Admin |
| Leaked stale passwords - Accounts with MFA | Password hygiene | Toxic combination |
| Unused Admin Account | Least privilege | Admin |
| Unused Admin Service Account | Least privilege | NHI, Admin |
| Unused Keys and Tokens - Admins | Least privilege | NHI, Admin |
| Service account with console access - Admin | Least privilege | NHI, Admin |
| Unused Administrative Roles | Least privilege | Admin |
| Unused Administrative Roles - Service Accounts | Least privilege | NHI, Admin |
| Unused AWS Administrative Permission Sets | Least privilege | NHI, Admin |
Medium impact
|
Issue |
Main risk category |
Additional risk categories and segments |
|---|---|---|
| AWS cross-account privilege escalation | Least privilege | NHI, Admin |
| No MFA - Account | MFA | |
| Pending MFA - Account | MFA | |
| SSO Bypass - Account | MFA | |
| Old Password - Account | Password hygiene | |
| Old Password - Service Account | Password hygiene | NHI |
| Unrotated and unused keys and tokens - Account | Password hygiene | NHI, Toxic combination |
| Unrotated keys and tokens - Account | Password hygiene | NHI |
Low impact
|
Issue |
Main risk category |
Additional risk categories and segments |
|---|---|---|
| Unused Account | Least privilege | |
| Unused Service Account | Least privilege | NHI |
| Service account with console access - Account | Least privilege | NHI |
| Unused keys and tokens - Account | Least privilege | NHI |