Learn about the Identity Assets inventory, which provides visibility into human and machine identities, and their permissions.
Powered by the Cortex Cloud Identity Security module, the Identity Asset Inventory helps you discover your entire cloud identity estate. It analyzes your environment to determine exactly what actions identities can take and which resources they can access, providing the context needed to trigger security detection rules.
The identity inventory is organized into the following categories:
All Identity Assets: Provides a view of all identity-related assets.
Human Identities: All cloud, identity provider (IdP), and platform users.
Machine Identities: Non-human identities that can assume permissions and perform cloud Identity and Access Management (IAM) actions, such as VMs and functions.
Managed Vaults: Tracks secure storage environments for credentials and keys.
Secrets: Provides an inventory of credentials to help identify active or dormant secrets and review their replication and compliance.
External Identity Providers: Tracks third-party identity services integrated with your environment.
Cloud Service Accounts: A category unifying AWS roles, Microsoft Azure service accounts and managed identities, and Google Cloud Platform (GCP) service accounts.
IAM Groups: Tracks Identity and Access Management groups.
IAM Policies: Tracks permission documents, such as AWS policies, Azure roles, and Google Cloud Platform roles.
Clicking an identity asset in the inventory opens a detailed asset card that provides deep contextual analysis. Because managing identity security requires understanding how assets interact with one another, the information available on these cards helps map the complex web of relationships and permissions within your environment.
While the specific layout changes depending on whether you are viewing a human identity, a machine identity, or a secret, the asset details generally provide an aggregated view of the permissions associated with the asset. By exploring the identity details, you can understand exactly how an identity is granted its permissions by viewing the groups it belongs to, the cloud service accounts it can impersonate, and any policy attachments or inline policies. You can also review an identity's specific access levels to destination assets, which highlights unused permissions, excessive permissions, and the account access type.
Cortex Cloud dynamically calculates exactly what actions an identity can take and which resources it can access, analyzing the complex web of relationships and nested groups to track effective usage across the environment.
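To make the aggregation described above concrete, here is an added Python model (not Cortex Cloud's own code) that computes an identity's effective actions from inline policies, attached policies, nested group membership and assumable cloud service accounts, then compares them with observed usage to surface unused permissions. All names, policies and usage records are constructed for the illustration.

```python
from collections import deque
# Constructed sample inventory (not real account data).
POLICIES = {
    "S3ReadOnly": {"s3:GetObject", "s3:ListBucket"},
    "EC2Admin": {"ec2:RunInstances", "ec2:TerminateInstances", "ec2:DescribeInstances"},
    "KMSDecrypt": {"kms:Decrypt"},
}
# Groups can nest other groups and carry attached policies.
GROUPS = {
    "developers": {"groups": ["readers"], "policies": ["EC2Admin"]},
    "readers": {"groups": [], "policies": ["S3ReadOnly"]},
}
# Each identity: group memberships, attached policies, inline policy actions,
# and cloud service accounts (roles) it is allowed to assume/impersonate.
IDENTITIES = {
    "alice": {"groups": ["developers"], "policies": [], "inline": {"sts:GetCallerIdentity"}, "assumes": ["deploy-role"]},
    "deploy-role": {"groups": [], "policies": ["KMSDecrypt"], "inline": set(), "assumes": []},
}
# Constructed usage observations (what alice actually called during the review window).
OBSERVED = {"alice": {"s3:GetObject", "ec2:DescribeInstances", "sts:GetCallerIdentity"}}


def effective_actions(name, _visited=None):
    """Every action `name` can perform: inline + attached policies, policies inherited
    through nested groups, and rights reachable by assuming another identity."""
    visited = _visited if _visited is not None else set()
    if name in visited:               # guard against role-assumption cycles
        return set()
    visited.add(name)
    ident = IDENTITIES[name]
    actions = set(ident["inline"])
    for policy in ident["policies"]:
        actions |= POLICIES[policy]
    seen, queue = set(), deque(ident["groups"])
    while queue:                      # breadth-first walk over nested groups
        group = queue.popleft()
        if group in seen:
            continue
        seen.add(group)
        for policy in GROUPS[group]["policies"]:
            actions |= POLICIES[policy]
        queue.extend(GROUPS[group]["groups"])
    for role in ident["assumes"]:     # transitive: rights of assumable roles
        actions |= effective_actions(role, visited)
    return actions


def unused_actions(name):
    """Granted but never observed in use: candidates for least-privilege trimming."""
    return effective_actions(name) - OBSERVED.get(name, set())
```

The model deliberately ignores explicit deny statements, conditions and resource scoping, which a real effective-permission calculation must also evaluate before an action is reported as granted.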