Overview

Liongard's Cyber Asset Discovery and Inventory compiles a comprehensive list of all user, service, and discovered identities across multiple systems within your managed environment. This dashboard enables you to quickly classify, audit, and assess your inventory of identities across your Microsoft 365, Google Workspace, Dark Web Monitoring, and Active Directory systems.

Classify and Manage Discovered Identities with Precision

The dashboard groups accounts by matching email addresses to Identity Records. As Liongard finds new email addresses, it creates or merges new identities with existing ones. Easily classify identities by selecting identities in the Discovery tab and move them to Inventory or Archive as needed using the Actions drop down.

These identity records can be classified into the Discovery, Inventory, and Archive categories:

• Discovery: Newly discovered identities waiting for classification.
• Inventory: Confirmed identities and accounts under management.
• Archive: Historical and non-managed identities for reference. Discovered accounts that map to an existing Identity in the Archive will continue to be associated.

Modify Identity Records

Clicking on an email address reveals a discovered Identity Record, which includes a summary of all system sources containing the account's email address and customizable identity information. Use the Identity Information section to classify the user's or service account's identity type, status, and location.

📘

Identities in Liongard

Identities are groups of accounts with the same email address across the systems Liongard has inspected.

Liongard identifies an ID across each inspected system for a unique account record. If the account has an email address, Liongard use that to match against systems that have the same email address

If the account does not have an email address, Liongard will use the username value to create a new identity,

How to Use Identity Details

Flexible Classification: Distinguish between user and service accounts to maintain compliance and improve organization.

Location Data: Optionally add location information to each identity.

Comprehensive Review: Each identity record includes a Review table listing all system sources containing the account (email address) and key attributes.

Identity Record Account Activity and Status

The Asset Inventory also surfaces critical insight into the identity record's associated account activity, which is evaluated using the Last Login Date if the source system does not provide a definitive activity status. If Liongard identifies that all of the accounts associated with the identity are not active or that the days since the last activity exceed 45 days, per CIS CSC 5.3, the dashboard will display the account activity as dormant.

📘

What is Identity Status versus the Account Activity?

The Account Activity column reflects the status of activities detected across various systems, while the custom Identity Status field is used to assign the desired state for each identity, such as Active, Inactive, or Suspended.