Cloud Security Management Identity Risks


Cloud Security Management Identity Risks (CSM Identity Risks) provides in-depth visibility into your organization’s IAM risks. It enables you to proactively detect and resolve identity risks on an ongoing basis to secure your cloud infrastructure from IAM-based attacks.

At this time, CSM Identity Risks is available for AWS only.

Review identity risks

Review your organization’s active identity risks on the Identity Risks Explorer. Use the Group by options to filter by Identity Risks, Resources, or None (individual identity risks). View additional details on the side panel.

CSM Identity Risk detections include users, roles, groups, policies, EC2 instances, and Lambda functions.

CSM Identity Risks Explorer page

Remediate identity risks

For detailed insights and remediation help, click the Insights tab. In the following example, the Insights tab shows the usage of provisioned permissions.

The Insights tab on the identity risks side panel shows the usage of provisioned permissions

Click View Suggested Policy to view a suggested downsized policy based on the actual usage.

Review suggestions for downsizing a policy on the Suggested downsized policy dialog
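The idea behind a usage-based downsized policy, as an added example (this is not Datadog's code or its suggestion algorithm): keep only the Allow actions that were observed in use, and expand wildcards to the concrete actions they actually covered. The policy, bucket name, and used-action set are constructed sample data, and `downsize` is a hypothetical helper.

```python
import fnmatch
import json

# Constructed sample: a provisioned IAM policy and the actions observed in use.
PROVISIONED = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "s3:*",
         "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Effect": "Allow", "Action": ["ec2:DescribeInstances", "iam:PassRole"],
         "Resource": "*"},
        {"Effect": "Deny", "Action": "s3:DeleteObject", "Resource": "*"},
    ],
}
USED_ACTIONS = {"s3:GetObject", "s3:PutObject", "ec2:DescribeInstances"}


def as_list(value):
    return value if isinstance(value, list) else [value]


def downsize(policy, used_actions):
    """Return (downsized_policy, unused_patterns) without mutating the input."""
    statements, unused = [], []
    for stmt in policy["Statement"]:
        # Deny and NotAction statements restrict access, so leave them untouched.
        if stmt.get("Effect") != "Allow" or "Action" not in stmt:
            statements.append(stmt)
            continue
        kept = set()
        for pattern in as_list(stmt["Action"]):
            # IAM action names are case-insensitive; '*' and '?' are wildcards.
            hits = {a for a in used_actions
                    if fnmatch.fnmatchcase(a.lower(), pattern.lower())}
            if hits:
                kept |= hits          # a wildcard shrinks to what was really used
            else:
                unused.append(pattern)
        if kept:                      # drop Allow statements with no used actions
            statements.append({**stmt, "Action": sorted(kept)})
    return {**policy, "Statement": statements}, unused


if __name__ == "__main__":
    suggested, unused = downsize(PROVISIONED, USED_ACTIONS)
    print(json.dumps(suggested, indent=2))
    print("Provisioned but unused:", unused)
```

Actions that are needed only occasionally may be missing from the observed usage, so compare the unused list against known infrequent tasks before applying a downsized policy.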

To remediate the identity risk, click Fix in AWS to update the resource in the AWS IAM console. To create a Jira issue and assign it to a team, click Create Jira issue. See Create Jira Issues for Cloud Security Management Issues for more information.

Remediate identity risks using the action buttons on the side panel

You can also leverage Workflow Automation to create automated workflows for identity risks (with or without human involvement). See Automate Security Workflows with Workflow Automation for more information.
