Configure risk levels and profiles

Overview

This guide explains how to configure risk levels and Risk Profiles for saved queries in Veza. When you assign a risk level to a query, entities that match the query receive a risk score. Risk Profiles categorize queries by the type of authorization issue they detect, helping you organize and prioritize risks.

Use risk configuration to:

• Enable risk scoring for custom queries

• Categorize risks for easier triage and reporting

• Adjust severity levels to match your organization's priorities

• Organize dashboard views by risk category

Before you start

Before configuring risk levels and profiles:

• Create or identify the saved query you want to configure

• Determine the appropriate severity level (Critical, High, Medium, or Low)

• Review the Risk Profile categories to select the best match

Assign a risk level when saving a query

When you save a new query or edit an existing one, you can set its risk level and profiles.

1. Open the query in Query Builder or the Saved Query Details view.

2. Click Edit, then click Save.

3. In the save dialog, select a Risk Level (Critical, High, Medium, or Low).

4. Select a Risk Profile that describes the type of risk.

5. Click Save.

Entities that match the query will now receive risk scores based on the assigned severity.

Update risk details for an existing query

Use the Manage Risk Details modal to update risk configuration for any query that already has a risk level.

From the Risks page

1. Go to Access Intelligence > Risks.

2. On the All Risks tab, find the query you want to update.

3. Click the Actions menu (⋮) and select Manage Risk Details.

4. Update the Risk Level and Risk Profile as needed.

5. Click Save.

From a Dashboard

1. Go to Dashboards.

2. Open a dashboard and click a risk query tile.

3. On the query details page, click the Actions menu (⋮).

4. Select Manage Risk Details.

5. Update the settings and click Save.

From the Queries page

1. Go to Access Visibility > Queries.

2. Find the query and click the Actions menu (⋮).

3. Select Manage Risk Details.

4. Update the settings and click Save.

Set a risk level for queries without one

To find and configure queries that don't have risk levels:

1. Go to Access Visibility > Queries.

2. Use the Risk Level filter and select None.

3. Review queries that might represent risks.

4. Click the Actions menu (⋮) and select Manage Risk Details.

5. Choose the appropriate severity and Risk Profile.

6. Click Save.

Use Risk Profiles on dashboards

Risk Profiles can organize how queries appear on dashboards.

1. Go to Dashboards.

2. Open a dashboard.

3. Click the Group By button (shows the current grouping, such as "Group By Section").

4. Select Risk Profile from the dropdown.

Dashboard widgets will be grouped by their assigned Risk Profile categories, making it easier to see risk distribution across categories.

Limitations

Veza-created query restrictions: Queries created by Veza have pre-assigned Risk Profiles that you cannot modify. You can change the risk level for these queries, but the Risk Profile selection is disabled. This preserves system-defined categorizations while allowing you to adjust severity based on your priorities.

See also

• Access Risks

• Investigate risks

• Dashboards