Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

User Cloud Card

  1. Last updated
  2. Save as PDF
Limited Availability: To access the Users page, contact Skyhigh Support.

On the Users page, click a row in the Users table to open the User Cloud Card, which displays detailed information about the selected user. From the Cloud Card, you can use the filters next to each attribute to view specific information, enhanced metadata, and user-specific details.

User_First Cloud Card.png

Cloud Card attributes are custom fields that you set up during integration with your organization’s AD, LDAP, or CSV data source via the Cloud Connector. Only the configured attributes appear on the User Cloud Card. The details of each attribute are listed below:

  • Severity. The values (Green for Low (1–3), Yellow for Medium (4–6), and Red for High (7–9)) indicate how much each user’s risk score exceeds the defined threshold.
  • Risk. Skyhigh CASB calculates a default User Risk Score as an aggregate of data risk, Sanctioned SaaS risk, and Shadow SaaS risk. It uses Sanctioned and Shadow user activities, along with each user's security incidents, to rank users from 1 to 9 by risk severity.
    • Red. High.
    • Orange. Medium.
    • Yellow. Low.
  • User UID. Unique identification number of a user in your organization.
  • Mail.  Displays the user's email address.
  • Manager. Displays the user manager's name.
  • User Principal Name. Used to correlate user activities across multiple cloud applications (Sanctioned or Shadow).
  • Web Page. Displays the websites, apps, or resources a user interacted with.
  • Description. Provides a summary about the user.
  • SAM Account Name. Displays the Security Account Manager (SAM) account name, which is used for authentication and access control within Windows domains.
  • Department. Department of the user in the organization.
  • Object GUID. Displays Object GUID (Globally Unique Identifier). 
  • Last Name. Displays the user’s last name.
  • Given Name. Displays the user’s first name.
  • User Account Control. Displays the user's access level (for example, Admin).
  • Display Name.  Displays the user’s name. 
  • First Name. Displays the user’s first name.
  • Country. Displays the user’s country.
  • Country Code. Displays the user’s country code.
  • Initials. Displays the user’s initials.
  • Company. Displays the user’s company.
  • Name. Displays the user’s name.
  • Primary Group ID. Displays the ID of the user’s primary group. 
  • Mobile. Displays the user’s mobile number.
  • Object Class. Displays the object class of the user in the directory. What type of object the entry represents (for example, user, group, computer, etc.).
  • Object SID. Displays the Security Identifier (SID) of the user.
  • Title. Displays the user’s job title.
  • DN. Displays the Distinguished Name (DN) of the user in the directory.
  • City. Displays the user’s city.
  • User Details. Click View Full User Details to view the User Details page.
    • User Since. The date on which the user account was created. 
    • Last Activity.  Last activity date of the user.
    • Usage Classification. Type of user account (for example, shared account).
    • All Services. Lists all cloud or web services the user has accessed or is associated with.
  • Data Risk.  Displays the risk score of an individual user based on sensitive activities triggered by DLP incidents such as uploading, sharing, or accessing data.
  • Sanctioned SaaS Risk. Displays the risk score of an individual user based on the usage of sanctioned SaaS services.
  • Shadow Risk. Displays the risk score of an individual user based on their access to Shadow IT services activity and Web services usage, derived from observed traffic and risk calculations. 
  • Mini Cards. Mini cards appear on the first Cloud Card. Click a mini card to view detailed information about threats that are causing a risk to your cloud services. As an example, we have selected the Anomalies mini card. When you click the Anomalies mini card, a detailed card appears next to it. Selecting an option within that card opens another card with more information.

The following are the mini card categories:

  • Anomalies. The number of anomalies detected from numerous activities in your cloud environment.
  • Malware Policy Violations. The number of malware detected in numerous files in your cloud environment.
  • DLP. Number of DLP policy violations of each type detected in your cloud environment.
  • Threats. Number of threats detected from numerous activities in your cloud environment.

    UsersPage_All Anomalies.png
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.