View a summary of entitlements and permissions assigned throughout your cloud infrastructure to help identify and manage risky cloud identities that could lead to compliance violations and security incidents.

Important
  • This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.
  • Entitlements currently only supports AWS accounts.
Cloud infrastructure entitlement management (CIEM) is a complex task that involves managing user and machine identities and privileges across a large volume of cloud resources. Without proper visibility and management, privileged user or machine identities with excessive permissions can lead to data breaches and other security risks. CIEM identifies risky cloud identities to help users enforce the principle of least privilege throughout the corporate cloud infrastructure.
In the Entitlements tab of Cloud Overview, table view shows you all cloud identities in your organization, along with the identity risk score, number of policies assigned, and resources the identity can access. Click the corresponding number of policies or accessible resources to view a complete list. Click the corresponding icon in the Risk graph column to see the asset profile, risk graph, and risk assessment for the identity.
In widget view, you can view a summary of your cloud identities along with the top identity-related issues detected in your cloud infrastructure. The following table outlines the widgets available in the widget view of Entitlements.
| Widget | Description |
| --- | --- |
| Cloud Identity Summary | Displays the total number of cloud identities in your infrastructure and totals of identities that could present risk, including: Human admins; Non-human (machine) admins; Overprivileged identities; Unused or stale identities. Click an identity type to see a list of identities matching the specified type. Identity types are determined based on asset profile tags and associated risk events. |
| Cloud Identity Risk Events | Displays the total number of cloud identity-related risk events over time along with the change in total from the previous day. |
| Top Risky Identities | Displays the riskiest identities in your cloud infrastructure with the greatest potential impact on your cloud resources. Click View all to see a list of all cloud identities in your organization. |
| Top Identity Misconfiguration Risk Events | Displays cloud identity misconfiguration-related risk events sorted by potential impact. Click View all to see all cloud identity-based misconfiguration risk events in Operations Dashboard. |
| Top Potential Attack Paths | Displays information about the top cloud identity-based risk events in your organization that could potentially facilitate an attack path. Click View all to review activity and behaviors risk events in Operations Dashboard. |
| Identity Distribution | Provides a graph-based view of the distribution of different risky identity types in your organization over time. Click an identity type to see a list of identities matching the specified type. |