CORE FEATURES
Identity Exposure Management Overview
Overview

What is Identity Exposure Management?

By pairing industry-leading coverage of exposed credentials and session cookies with simple, actionable, automated validation and remediation workflows, Identity Exposure Management enables you to proactively tackle identity exposures, shrink response times, and drastically reduce the chances of a business-disrupting breach.

Core Concepts

Identity Identifiers

Identity identifiers are a new type of identifier designed to represent a person and their associated attributes. Identity identifiers replace these existing types: email, name, and username. Email, name, and username identifiers have been transitioned to identity identifiers.

Authorized vs. Unauthorized Identities

Authorized identities are identifiers that have been synced with an identity provider. This enables functionality such as identity profiles, credential validation, and remediation.

- These identifiers are automatically created through syncing with your Entra ID instance. One-to-one coverage for all employees within your Entra ID instance is the default configuration motion.
- Authorized identity identifiers enable additional platform functionality, including enriched identity profiles, "blast radius" visualizations, and automated validation and remediation of exposed identities.
- Authorized identity identifiers require additional permissions within your Entra ID's connection with Flare.
- Authorized identity identifiers are fundamentally different and separate from identity identifiers and all other standard Flare identifiers. They are available at an additional cost within your Flare subscription. Reach out to your Flare customer success representative for more information.

Unauthorized identities are identifiers that have not been synced with an identity provider. This restricts all identity-related features except manual password validation.

- Previously referred to as "email", "name", and "username" identifiers, these have been consolidated under the "identity" category.
- These identifiers can be manually configured and managed in the same way as Flare's other identifier types.
- Unauthorized identity identifiers are priced the same way as other standard Flare identifier types.
- Manual credential validation via Entra ID remains available to all Flare customers.

Identity Identifiers Creation

There are two ways to create an identity identifier:

- Sync your identities from Entra ID (authorized)
- Manually create an identity identifier (unauthorized)

Impact on subscription: Confirm you have the proper number of identifiers for the number of identity identifiers you want to create. For additional configuration details, please refer to docid\ bpcmrpdohzer0cc83vcdn.

Once identity identifiers are set up, docid\ wl3hdzqylk5shvy 7towz are available to view their attributes, exposure level indicators, and blast radius.

Creating & Managing Identities

From the docid\ dgkccvrbcbeyxleadwamu page:

1. Select Create Identifier.
2. Select Identity as "Type".
3. Fill the rest out appropriately.

An authorized identity identifier requires the identity to be imported from Entra ID. Manually creating identity identifiers will result in an unauthorized identity identifier unless the user is within Entra ID and within the scope of the import.

Merging Identities

To merge identity identifiers, go to the Identifiers tab, select the three dots (hamburger menu) on the left-hand side, and merge with a specific identity.

From the Integration Hub

You can enable the identity import from the docid\ z x8zdlsy7wd0c1jdpxg7. This will import identities from Entra ID and create associated identity identifiers.

Note: You must be an organization admin to access the Integrations Hub.

If you import a group, only users from the group will be imported; if there is no group, everyone will be imported. Consider creating a dynamic group in Entra ID with appropriate include or exclude conditions to maintain this integration.

Credential Browser Enabled Features

Select the desired validation and remediation capabilities. You can select multiple. Confirm the app registration has the appropriate application permissions to be able to perform these operations.

Note: Remediation action occurs if the credential is confirmed valid.

Finally, test and save the integration. Identity identifiers will be imported from Entra ID identities and created. Automated password validation will occur for any credential found in the last 24 hours.
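
The dynamic group recommended above for scoping the import can be created with the Microsoft Graph PowerShell SDK. This is an added example, not taken from Flare's documentation; the group name, mail nickname, and the "svc-" naming convention for service accounts are assumptions to adapt to your tenant.

```powershell
# Added example: create an Entra ID dynamic security group that limits
# which users an identity import will pick up.
# Assumptions (not from the Flare docs): the group name, the mail nickname,
# and that service accounts use a "svc-" UPN prefix.

Connect-MgGraph -Scopes 'Group.ReadWrite.All'

# Include: enabled member accounts. Exclude: guests and service accounts.
$rule = '(user.accountEnabled -eq true) and ' +
        '(user.userType -eq "Member") and ' +
        '(user.userPrincipalName -notStartsWith "svc-")'

$group = New-MgGroup `
    -DisplayName 'Identity-Exposure-Import-Scope' `
    -Description 'Users in scope for identity import' `
    -MailEnabled:$false `
    -MailNickname 'identity-exposure-import-scope' `
    -SecurityEnabled:$true `
    -GroupTypes @('DynamicMembership') `
    -MembershipRule $rule `
    -MembershipRuleProcessingState 'On'

# Membership is evaluated asynchronously by Entra ID; re-run this check
# later and review the result before pointing the import at the group.
$members = Get-MgGroupMember -GroupId $group.Id -All
'{0} members currently in {1}' -f @($members).Count, $group.DisplayName
```

Because the rule is re-evaluated as user attributes change, joiners and leavers enter and exit the import scope without manual group maintenance.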