View Identity Groups
A group represents a logical collection of user identities that are managed together to simplify access control and identity administration.
The Identity Groups section provides visibility into all organizational groups within your infrastructure. Groups are fundamental organizational units that control access to resources and systems. This section allows you to manage group structures, understand membership composition, assess security risk, and ensure proper governance of group-based access controls. Tracking groups as assets helps identify high-privilege or sensitive groups, understand who controls them, monitor their usage, and assess the security risk they introduce to applications, resources, and environments.
For each group, the following information is displayed:
| Column | Description |
|---|---|
| Group Name ID | Displays the name of the group along with its unique identifier. |
| Criticality | Displays the business importance of the group. |
| TruRisk™ Score | Displays the calculated TruRisk™ score for the group. |
| Owner | Displays the user or users responsible for managing the group. |
| Domain | Displays the domain of the group. |
| Group Type | Displays the functional category of the group. |
| Timeline | Displays the first found and most recent seen activity associated with the group. |
View Group Identity Details
The Group Identity Details page provides details of the group identity discovered in your environment. This page displays essential identification information, including the group name, unique identifiers, group type, ownership, and visibility.
Expand the Inventory, Security, and Sources sections from the left pane and see various tabs under each section. To know more about the details you can see from these tabs, refer to the following topics:
Inventory Section
The Inventory section provides detailed information about the selected group.
The following tabs are available under the Inventory section:
The Group Identity Summary page displays the group’s critical attributes, ownership, visibility, activity timeline, and contextual metadata.
The summary displays high-level information about the group, including:
| Field | Description |
|---|---|
| Group Name | The primary name of the group. |
| Criticality Score | The Asset Criticality Score (ACS) assigned to the group. |
| TruRisk™ Score | The calculated TruRisk™ score of the group. |
Identification
The Identification section displays key attributes used to uniquely identify the group.
| Field | Description |
|---|---|
| Group ID | The unique identifier of the group. |
| Group Name | The name of the group. |
| Display Group Name | The display name of the group. |
| Group Type | The functional or business classification of the group. |
| Group Owners | Users responsible for managing the group. |
| Group Visibility | Displays whether the group is private or publicly visible. |
Activity
The Activity section provides the following information for the group:
| Field | Description |
|---|---|
| First Discovered On | The date and time when the group was first discovered. |
| Last Updated On | The most recent date and time when group attributes were modified. |
The Group Identity Details page provides all metadata associated with a selected Group.
General Information
The General section displays the general details of the group.
| Field | Description |
|---|---|
| Group ID | Unique identifier of the group. |
| Group Name | The name of the group. |
| Display Group Name | The display name of the group. |
| Description | Functional description of the group. |
| Group Type | Classification of the group based on its function. |
| Group Owners | Users responsible for managing and maintaining the group. |
| External Asset ID | External identifier associated with the group. |
| Last Updated On | Date and time when the group details were last modified. |
Additional Attributes
This section lists custom key–value attributes discovered or assigned to the group.
| Attribute | Description |
|---|---|
|
Distinguished Name |
The unique LDAP path that identifies the object’s location in Active Directory. |
|
Group SID |
The security identifier (SID) that uniquely identifies the group within the domain. |
|
Domain SID |
The unique security identifier assigned to the Active Directory domain. |
|
Domain |
The name of the Active Directory domain where the group exists. |
|
Group Type |
The classification of the group based on its scope and security function. |
The Permissions tab displays the access rights assigned to the user identity across different resources.
| Field | Description |
|---|---|
| Summary | Overview of the group's overall access and permission posture. |
| Permission | The type of operation the group is allowed to perform, such as Read, Write, Update, or Delete. |
| Resource | The specific resource on which the permission is granted, for example, a repository, application, or service. |
| Resource Type | The category of the resource. |
Security Section
The Security section provides risk and security-related insights for the group. This section helps you assess the security posture of the group and prioritize remediation efforts based on risk indicators.
The following tab is available under the Security section:
Identity TruRisk™ ScoreIdentity TruRisk™ Score
The TruRisk™ Score provides a risk-based assessment of the group by aggregating multiple contributing factors. This score helps you understand the potential security impact of the group within your environment.
