Insights to understand and act on authorization risks and relationships that Veza has discovered.
Last updated
Was this helpful?
Veza's query-driven insights enable organizations to observe, track, and remediate authorization risks using the power of the Authorization Graph. See following sections and related topics to learn more about Reports, Rules and Alerts, Risks, and Analyze.
Getting started
You can quickly get started with Veza Insights by exploring the Dashboard, and clicking Open in Reports to view the associated Queries in detail.
Identify a you want to track.
Add that query to a new
Add the Report to the .
Give the query a to flag entities in the results.
Create a to get notifications when the query results meet the specified conditions.
Repeat the process for other Saved Queries.
A is a collection of , organized to best meet the needs of a specific organization, team, or user.
Opening a report shows a summary of current results, with the option to view trends, investigate entities and relationships in Graph, or open and change the original search in Query Builder.
Reports can be Veza-built or user-created, and set to private or public visibility. Owners can make customizations by opening a report and clicking Edit.
Rules can trigger when the total number of results change
Rules can also trigger when there are changes in properties for entities in the query results.
Rules can trigger an alert in the form of a service desk ticket, an email, or a custom webhook.
You can track least privilege violations, anomalies, and non-standard configurations by marking a Saved Query as a risk and setting a risk level. You can write your own queries to define potential exploits and access control risks, or use out-of-the-box saved queries.
The Analyze page provides utility search interfaces for specific tasks like reviewing Group and Role assignments. For example, you can find all users belonging to a group, all users that can assume a role, or review all group/role access for a single user.
The Compare feature allows security and identity teams to perform side-by-side comparative analysis of permissions between users or between roles. This functionality helps identify access differences, potential privilege violations, and supports access governance initiatives. See Compare for more details.
Compare offers two main functionalities:
User Comparison - Compare two users of the same type
Role Comparison - Compare two roles of the same type
Comparison is most useful after you have created baseline profiles (such as an engineering_profile Okta User or a standardized AWS IAM Role) with the appropriate level of access. You can then compare other users or roles to the baseline to see how group and resource access varies from the established norm.
Adding reports to section allows users to customize summaries that appear on the primary Veza Home page for easy access and continuous monitoring. Dashboard tiles show the trending change for the last week or month, and the most recent query results. You can edit these reports and queries to focus on the most important findings.
You can define and monitor security baselines using for . A rule consists of a baseline query, thresholds of conditions, and notification settings. Alerts trigger when the Rule's conditions are met.
The results of these queries are highlighted in Graph search when Show Risks is enabled. Active risks be reviewed on the page. For results that can't be acted on or are safe to ignore, you can individually mark the entities as exceptions, or add filters to the original query.
For more advanced Segregation of Duty (SoD) capabilities, Veza offers a that enables comprehensive identification and management of toxic access combinations across your organization.
