📖Cisco Identity Checks
Cisco Identity Intelligence provides two categories of insights: identity threat detection and identity posture management. More information about the different types of checks can be found here.
Navigate to the relevant section or search for a specific area of interest in the list below. Click on any detection to read more information about what criteria is used to fail a user for a specific check, which data sources are compatible with each check, as well as recommendations to remediate and customizable settings.
Access from Denied Territories
Application Login Bypasses SSO
Applications with Expired Secret
Identity Intelligence Client Secret Expiring Soon
Missing Value in Mandatory Field
Okta Session Length Policy Compliance
Role Assigned to Azure Cloud Only Account
Salesforce Direct Login Settings
Shared Mailbox Sign In Enabled
User Has Directly Assigned Application
User Password Expiration Failure
A Bypass Code Was Used To Successfully Sign In
Accounts With Unusually High Activity
Active Account under Heavy Attack
Activity From Untrustworthy ISP
Authenticator Registration Anomalies
Code Exfiltration By Guest Account
Google Drive File with Excessive Sharing Permissions
Microsoft Entra ID Admin Activity Anomaly
Service Account Successful Sign In
Shared Mailbox Successful Sign In
Sign-in from Recently Created IdP
Successful Access from a Previously Only Failing IP
Suspicious Activity Reported by End User
Users With Defined Email Forward Rules
Last updated