Skip to content

Viewing the Accounts Inventory

Select Inventory > Accounts from the left panel to view of all user accounts discovered across your organization.

Use quick filters to refine accounts listed in the table by login method, identity risks, risk levels, and newly discovered. Additional filtering can be applied by selecting More filters.

By default, accounts discovered for non-corporate assets, such as applications that users log in to with their consumer credentials are hidden from the Accounts Inventory. Some legitimate corporate assets may be accessed using unknown credentials (usernames without a domain suffix) or consumer / social login. To display discovered accounts for all applications, select the Suitcase icon .

Select the Grid / Visualization  toggle to switch between view types:

  • Grid View - The default tabular view displaying detailed application and account metrics.
  • Visualization Mode - Keeps the same underlying query but allows you to create visualization charts and visual summaries based on SaaS attributes, usage, or risk indicators.

Select the Export data as CSV icon to export the grid view as a CSV file for further analysis and reporting.

Selecting an account opens the detail panel with detailed contextual information:

  • Account risk level - Provides quick visibility into the accounts overall risk posture.
  • Graph– Provides visibility into how authentication is performed and risks associated with that access.

Account Graphical View

When selecting an account record the details page displays a graph highlighting the authentication relationship between a user and an application account, providing visibility into how authentication is performed and what risks are associated with that access.

The graph helps security and identity teams:

  • Understand how access to an application is granted.
  • Identify SSO bypass scenarios.
  • Detect high-risk authentication patterns.
  • Assess password-related identity risks and blast radius.
  • Navigate between related user and application records for investigation.

The graph visualizes:

  • The authentication methods used by the user to access the account, including:
    • SSO-based access.
    • Local (direct) authentication.
    • Both methods simultaneously.
  • Identity-related risks associated with the account, including:
    • Weak passwords.
    • Compromised passwords.
    • Reused passwords.

Notes

  • It is common for an application to be onboarded to SSO while still allowing direct local access. This scenario is identified as an SSO Bypass, representing a potential access risk.
  • When password reuse is detected, the graph expands to show all additional applications and websites where the same password was used by the same user, providing visibility into lateral exposure risk.

Building a Basic Account Search Query

Basic search queries can be created by searching for an account name or part name and selecting the filter dropdowns to refine your search criteria.

To build a basic search query:

  1. Go to Inventory > Accounts from the left panel.

  2. (Optional) Enter an account name or part name in the search and select Enter.

  3. Select the filter dropdowns to refine your search.

    • Login methods - select the desired sources.
    • Identity risks - select the desired risk types.
    • Risk Levels - select the desired risk level.
    • Newly discovered - select the desired time frame during which the application was discovered.

  4. Select More Filters to further filter based upon users, account status and MFA status.

The search results are displayed based upon your selected search query. To save your query, select the Database icon  next to the search box, and select Save as new query.

Building Advanced Account Search Queries

Custom search queries can be created using the search box. Search queries for specific use cases can be built using predefined search query syntax's and combined with AND, OR, NOT, AND NOT, and TO operators.

To build an advanced search query:

  1. Go to Inventory > Accounts from the left panel.

  2. Enter the required syntax into the search box.

Select the Database icon  next to the search box, and select Save as new query.