Access Intelligence

Activity Monitoring Timeframe

A customizable period used to calculate Over Provisioned Scores for users and roles, based on entitlement usage within a set period of time. To change the range, go to the System Settings page and pick 1, 7, 30, 60, 90, or 120 days as the value. The default value (Auto) is 30 days.

Alerts

Alerts activate when a built-in or custom rule condition is met. Each alert includes a summary of changed entities since the last rule evaluation. Alerts are published via notifications, which include a summary of the original query. Notification delivery methods include email and outbound integrations or webhooks.

Dashboard

The primary Veza landing page features customizable dashboards and report summaries. The dashboard provides a high-level overview of access risks and out-of-the-box insights, with options to quickly act on any tile. You can add or remove reports to Dashboards by adding them to the Dashboard Reports report category.

Related documentation: Dashboard

Exception

An entity to ignore as a Risky Entity, due to matching a condition or being individually marked as an exception. Constraints on the query can mark entities as "Exceptions" based on a filter rule (for example, all resources in a test environment, or system roles that are not reasonably actionable).

Related documentation: Exception

Insights

Veza Insights provide tools to understand and act on risky entities and relationships using the Access Graph. Veza Insights include customizable Reporting, the Access Risks Dashboard, Rules, and Alerts.

Related documentation: Insights

Over Provisioned Access Score

OPAS represents the percentage of resources an identity is granted permission to access, but has not utilized recently. For example, if a user reads on 3 tables, but is entitled to read from 10, they are over-provisioned by 70%. The OPAS can change depending on the resources and permissions selected by the original query.

Related documentation: Over Provisioned Access Score

Query Integrations

A system-provided attribute listing all integrations involved in a query. You can filter by integration when searching for queries to add to Reports, or on the Saved Queries page.

Related documentation: Query Integrations

Query Labels

A customer or system-provided attribute, intended for risk categorization and query organization.

Related documentation: Query Labels

Report

A collection of queries, organized into sections for actionable insights on Access Graph data. Reports can be built-in or user-created, and private or public.

Related documentation: Report

Report Category

Report categories are used to group reports on the Reporting > Reports page. Access Risk tiles are based on reports in the Dashboard report category.

Related documentation: Report Category

Report Section

Sections in reports contain groups of saved queries, based on the provider, type or risk, or other customizable criteria.

Related documentation: Report Section

Risk

Any entity that appears in the results of a saved query with a risk level is considered a Risk. Marking a query as a Risk can define security baseline, misconfiguration, common access risk, or other anomalies, enabling alerts and recommendations. You can mark a Risk as an Exception to prevent it from appearing as a risk.

Related documentation: Risk

Risk Level

Level of risks if the query result contains non-zero results. Risk level can be 'critical' or 'warning'.

Related documentation: Risk Level

Rules

A rule consists of a baseline query, thresholds of conditions, and notification settings, delivered when conditions are met. The default action is to send an Alert to the Alerts page.

Related documentation: Rules

Veza Events

A page with a complete list of system events as well as events related to Integrations and Rules.

Related documentation: Veza Events

← Back to Glossary