Views:

Manually or autocratically add user accounts with a high risk exposure to the Zscaler-defined restricted user group to allow for Zscaler policy enforcement.

This task can be triggered manually using the context menu in Attack Surface Discovery or automatically by creating Automated High-Risk Account Response playbooks.
This task is supported by the following services:
  • Microsoft Entra ID
Important
Important
The response action is available only after you have configured Zscaler Internet Access integration or Zscaler Private Access integration in Third-Party Integration.

Procedure

  1. After identifying the user account to apply Zscaler policies to, access the context or response menu and click Add to Zscaler Restricted User Group.
    The Add to Zscaler Restricted User Group screen appears.
  2. Confirm the targets of the response.
  3. Specify a Description for the response or event.
  4. Click Create.
  5. Monitor the task status.
    1. Open Response Management.
    2. (Optional) Locate the task using the Search field or by selecting Add to Zscaler Restricted User Group from the Action drop-down list.
    3. View the task status.
      • In progress (in_progress=GUID-A55897DB-3DEA-4F5C-B7F9-70B3D7FB9EDE=1=en-us=Low.jpg): Trend Vision One sent the command and is waiting for a response.
      • Successful (successful=GUID-1E31AD86-DE2E-48B5-85F7-7C78A3E8BB11=1=en-us=Low.jpg): The command was successfully executed.
        When successful, the access control policy defined in Zscaler can be applied to the user account.
      • Partially successful (partially_successful_icon=GUID-20230103030733.jpg): The task was unsuccessful on one or more IAM service
      • Unsuccessful (error=5cc21722-7ceb-480c-b9c2-a47d420cf1cc.jpg): The task was unsuccessful on all connected IAM services
      • Pending approval (pending_approval=f0525c66-199a-46f5-b40a-902bd498cf53.jpg): The task is pending approval from specified users
      • Rejected (rejected=bd05fc87-5b5d-4d84-bfb1-3a6dc09ddac5.jpg): The task has been rejected