☑️Getting Started

Welcome to Veza, your unified access control platform for data governance, data access management, cloud entitlements, privileged access, and much more.

This page introduces important features to help you implement and operationalize Veza for your organization and teams. You will learn how to enable external integrations and begin leveraging Access Intelligence, Access Search, and Access Reviews.

See the following sections for details:

• Configure Veza to discover enterprise resources

• Explore your entity catalog

• Leverage built-in and customized Access Intelligence

• Search and query for who has access to any resource

• Conduct ongoing Access Reviews

• Secure non-human identities

• Operationalize Veza for your users and teams

Configure Veza to discover enterprise resources

To fully make use of Veza, you will need to integrate the Identity, Cloud, and application providers used by your organization. Veza periodically connects to these application providers and data sources to populate the Access Graph and gather entity metadata.

To add integrations, open Integrations and click Add Integration. For more details, see Veza Integrations and Configuring Integrations. You can learn more about the requirements for each integration in the related setup guide.

Explore your entity catalog

Veza builds a catalog of all your entities across identity providers, cloud providers, apps, and data systems. You can review all of these on the Dashboards > Home page. Choose data sources from the menu to view all the entity types Veza has discovered, and click an entity type to bring up a list of those entities in the Query Builder, where you can view additional attributes and details.

The metadata Veza discovers includes Tags from cloud providers (such as AWS tags or GCP labels) You can also create and apply Veza tags to identify sensitive cloud data assets across multiple providers and applications. Open Access Intelligence > Tags to see the tags Veza has already discovered.

Leverage built-in and customized Access Intelligence

Veza ships with hundreds of out-of-the-box assessment queries to provide rapid insight into risks, anomalies, and the overall state of authorization within integrated systems.

The main Dashboards page showcases some of these top risks and important insights, with the option to open any query to inspect the detailed results. Use Dashboards to review built-in and custom dashboards. Then, try creating a custom dashboard to capture data access trends and track risks for your organization.

See the Insights overview for more information about Risks, Rules, and the Analysis section.

Search and query for who has access to any resource

Veza discovers the connections between entities in the Access Graph and makes these relationships searchable with a visual Graph search and flexible Query Builder.

You can use these Access Visibility features to explore the different types of entities in the Data Catalog. To get started, go to Access Visibility > Queries, and try opening some out-of-the-box assessments in the Query Builder to fine-tune them based on your organization's priorities and unique environments.

• Search for a single entity (such as an Okta User or Snowflake Database) using the Graph search bar to show all the connections Veza has found.

• Specify a source and destination entity in Query Builder to find all entities of the source type with a relationship to entities of the destination type.

• Apply filters on any of the entity attributes Veza has discovered to narrow your search using rich metadata such as user department, manager, or last activity date.

See the Search overview for more information about the Graph and Query Builder search interfaces.

Conduct ongoing Access Reviews

Veza Access Reviews enable repeatable, granular, and integrated certification campaigns. These can be conducted by a single auditor, or involve collaborators automatically assigned from many departments and teams. Open Access Reviews to create and manage configurations for user access reviews, privileged access reviews, entitlement management, role management, identity lifecycle, and more.

• Depending on the business and compliance requirements, Access Reviews can audit user access to data, resource entitlements, roles, groups, and policies, or any other source -> destination relationship discovered by Veza.

• After creating a configuration that defines the scope of a review, administrators and operators can create and schedule new reviews, and assign each result row to individual managers or resource managers for review and attestation.

See Access Reviews for more information about creating a Workflow and starting and reviewing Certifications.

Secure non-human identities

Veza NHI Security provides comprehensive visibility and governance for service accounts, API keys, and automated systems. Organizations typically have 10-45 non-human identity (NHI) accounts per human user, making this a critical area for security coverage.

• Navigate to NHI Security > Overview to assess your current NHI landscape and identify priority areas.

• Assign owners to critical NHI accounts and establish accountability for service account governance.

• Use NHI-specific saved queries and VQL to identify high-risk patterns such as unowned accounts with admin privileges, dormant credentials, and cross-account access.

• Set up Rules and Alerts and Access Reviews scoped to NHI accounts for ongoing governance.

For organizations managing AI agents and workload identities, see Access AI for generative AI capabilities that extend NHI visibility with natural language queries and intelligent risk detection.

Operationalize Veza for your users and teams

Veza is designed to support collaboration between users and teams and integrate with external systems and workflows. Once you've familiarized yourself with the platform, you can invite your team, enable outbound actions and alerts, and enable advanced functionality:

• Configure notifications in other enterprise apps such as Jira, Slack, and ServiceNow.

• Enable SAML Single Sign On for your identity provider.

• Invite and manage users and create teams for role-based access control.

• Create Alert Rules to get notifications when thresholds and conditions are met.

• Configure Veza Actions to remediate risk findings by automatically creating Jira tickets, ServiceNow incidents, or Slack alerts when rules trigger.

• Explore and customize administrative settings for Access Reviews.

• Explore Veza APIs and developer documentation.

• Enable Activity Monitoring for supported integrations.

• Enable Access AI for natural language queries, semantic search, and AI-powered risk detection across your environment.