We are happy to announce a new feature for XDR ID customers: Identity Inventory.
Background
This update gives you a clear and complete view of all identities in your cloud environment.
With Identity Inventory, you can easily see:
- All users and service principals
- Their types and roles
- MFA (Multi-Factor Authentication) status
How to Get Started
- Go to the Cloud → Microsoft tenants page in Elements.
- Connect the new Identity Inventory capability (you only need to give permission to read Entra ID data - no Azure subscription needed).
- After the scan is complete (it may take up to 36 hours), you will see all identity data in Environments → Identities.
Why is this important?
- You get complete visibility into who and what has access in your cloud environment - now directly inside Elements, without needing to switch to the Azure portal.
- It helps you identify potential risks, such as accounts without MFA or unexpected roles.
- No extra Azure subscription or complicated setup is needed.
This new capability helps you spot risks early and keep your cloud environment secure by giving you a clear picture of all identities.
What’s Next?
BCDs (Broad Context Detections) will be linked to Identities. This means you will be able to easily see which identities are related to specific detections, making investigations and understanding security events even easier.