Security : Network : Identity Providers

How do we calculate this Insight?

Currently, Block 64 is able to gather data from a customer’s Active Directory and Entra ID to gather data on their users and devices.  The Identity Provider’s report leverages the user data to identify if there are potential risk associated with their user accounts.  

Users are considered at risk if they have not logged in in the last 90 days, the account does not require a password, or if MFA is disabled.  

The user at risk counts are based on the number of users who have one the potential risks associated with their account. The Entra ID and Active Directory users at risk filter the data to show users specifically from the selected provider.  

Why might this Insight be empty or missing data?

Data may be missing here if we do not have access to your Entra ID or Active Directory. Consider reviewing your current deployment and either adding the integration for Entra ID or adding your Active Directory credentials to your local discovery product. If this has already been done, the consider scheduling a troubleshooting call with our success team.  

Additionally, it is possible that none of your accounts are exposed to the risks we are looking for. In this case we would not expect to find any user at risk in your environment.