Entity Details Pages

Entity Details pages provide comprehensive, drill-down views for individual identities, accounts, groups, and roles discovered by Hydden. These pages aggregate data from multiple sources, display relationships between entities, show threat analysis results, and track historical changes.

Overview

Each entity type has a dedicated details page accessible by clicking any row in Global Search:

Entity Type	Details Page	Primary Use Cases
Owner (Identity)	Aggregated view of all accounts, group memberships, and activity for an individual person	Identity risk assessment, account consolidation, compliance reporting
Account	Detailed view of a specific account including MFA status, threat rules, group memberships, and login history	Account investigation, security audits, permission review
Group	Group membership details showing direct and expanded members with login history	Access review, privilege analysis, nested group investigation
Role	Role assignment details showing accounts with specific roles and their login history	Cloud permission review, role-based access audits, compliance

Key Features

Data Tiles

Each entity details page displays information tiles with key attributes and risk indicators:

• Entity Information: Core attributes (name, email, type, status, etc.)
• Source Information: Platform, data source, domain details
• Risk Assessment: Threat scores, risk levels, security findings
• Authentication Details: MFA status, last logon, password information
• Relationship Counts: Mapped accounts, group memberships, role assignments

Data Tabs

Tabbed views organize related data into functional categories:

• Threat Information: Applicable threat rules and risk factors
• Group Membership: Group associations (direct and expanded)
• Login History: Authentication events and activity timeline
• MFA Devices: Multi-factor authentication device inventory
• SSH Keys: Public and private SSH key details
• Tokens: Authentication tokens and credentials

Relationship Mapping

Entity details pages show connections to related entities:

• Owner → Accounts: All accounts mapped to an identity
• Account → Groups: Group memberships for an account
• Group → Members: Accounts and nested groups within a group
• Role → Assignments: Accounts assigned specific roles

Action Workflows

When automation features are enabled, entity details pages include action buttons to:

• Send Email: Email notifications about the entity
• Create Ticket: Generate ServiceNow or JIRA tickets
• Trigger Workflows: Execute custom automation workflows
• Add to Vault: Onboard accounts to password vaults (for account entities)

Common Workflows

Security Investigation

1. Start with Owner Details to see aggregated threat score
2. Drill into high-risk accounts from the Accounts tab
3. Review threat information to understand specific risks
4. Check login history for suspicious activity
5. Investigate group memberships for privilege escalation paths

Compliance Auditing

1. Access Account Details for specific accounts
2. Review MFA status and authentication methods
3. Check SSH key inventory for key management compliance
4. Verify group memberships against access policies
5. Export data for compliance reporting

Access Review

1. Open Group Details for privileged groups
2. Review direct and expanded members
3. Check member login history for activity
4. Identify inactive members for cleanup
5. Use action workflows to request access reviews

Vault Onboarding

1. Find unvaulted accounts in Account Details
2. Review account attributes and classification
3. Use "Add to Vault" action to onboard
4. Verify vaulted status in PAM Status field
5. Track vault management via Vault/Safe column

Navigation

Accessing Entity Details

From Global Search:

• Click any row in the Owners, Accounts, Groups, or Roles tabs
• Entity details page opens in the same window or new tab (based on browser settings)

From Entity Details:

• Click linked entities (e.g., mapped owner name, group name) to navigate to related entities
• Use browser back button to return to previous view

From Search Library:

• Click any row in Search Library reports
• Reports open with entity details accessible via row clicks

Breadcrumb Navigation

Entity details pages include breadcrumbs showing:

• Current entity type and name
• Path back to Global Search
• Related entity navigation

Performance Considerations

Entity details pages load data in sections:

• Tiles load first: Core entity attributes display immediately
• Tabs load on demand: Tab content fetches when selected
• Large datasets paginate: Group memberships and login history paginate for performance
• Related entities cache: Recently viewed entities cache for faster navigation

---

Entity Type Details

Owner Details

Purpose: Comprehensive view of an individual identity with all associated accounts and aggregated risk data.

Key Information:

• Owner attributes (name, email, title, department, manager, location)
• Employee information (hire date, termination date, employee ID)
• Aggregated threat score from all mapped accounts
• Recent failed logins across all accounts
• High-risk account list
• Accounts without MFA

Data Tabs:

• Owner Accounts: List of all mapped accounts
• Group Membership: Aggregated group memberships
• Login History: Complete authentication timeline
• MFA Devices: MFA device inventory across accounts
• SSH Keys: Public and private SSH keys

Use Cases:

• Executive risk reporting
• Employee offboarding verification
• Identity consolidation review
• Compliance evidence gathering

---

Account Details

Purpose: Deep dive into a single account with threat analysis, authentication details, and access permissions.

Key Information:

• Account attributes (name, type, status, classification)
• Source platform and data source
• Risk level and threat score
• MFA configuration and device count
• Last logon and password information
• Mapped owner identity

Data Tabs:

• Account Threat Information: Applicable threat rules
• Group Membership: Group associations
• Login History: Authentication events
• MFA Devices: Registered MFA methods
• SSH (Public) Keys: Authorized public keys
• SSH (Private) Keys: Private key inventory
• Tokens: Authentication tokens

Use Cases:

• Account-level security investigation
• Privilege review and audit
• Access certification
• Password policy compliance
• SSH key management

---

Group Details

Purpose: Detailed view of group membership showing direct and expanded members with activity tracking.

Key Information:

• Group attributes (name, display name, platform)
• Data source and collector information
• Direct member count (explicitly added accounts)
• Total member count (includes nested group members)

Data Tabs:

• Group Membership: List of all members (direct and indirect)
• Login History: Member authentication activity

Use Cases:

• Access review for privileged groups
• Nested group membership analysis
• Inactive member identification
• Group-based access auditing

---

Role Details

Purpose: Role assignment overview showing all accounts assigned specific cloud or application roles.

Key Information:

• Role attributes (name, description, platform)
• Data source and provider information
• Direct role count (explicitly assigned accounts)
• Total role count (includes inherited assignments)

Data Tabs:

• Role Membership: Accounts with this role assignment
• Login History: Authentication activity for role members

Use Cases:

• Cloud IAM role auditing
• Permission set review (Azure, AWS, GCP)
• Least privilege analysis
• Role-based access compliance

---

Related Topics

• Global Search - Interactive search interface
• Global Search Default Columns - Column reference
• Search Library - Pre-built queries
• Threat Detection - Understanding threat scores
• Identity Mapping - Account-to-owner mapping
• Automation & Workflows - Action workflows and triggers
• Map To - Understanding entity mapping