Identity Intelligence and Analytics

Identity Intelligence and Analytics

Identity Intelligence and Analytics is the process of producing, collecting, cleansing and correlating data about administration, authentication and authorization events and then transforming this data into actionable intelligence with respect to compliance regulations, business security policies and corporate risk management objectives.

Evidian DirX Audit provides auditors and security compliance officers with identity intelligence and advanced analytics for identity and access. DirX Audit complements the core IAM capabilities for administration, authentication and authorization by providing means to analyze and report on IAM operations and deliver the information necessary to support IAM governance and manage risks. With its analytical features, DirX Audit helps enterprises and organizations to ensure sustainable compliance and provide identity intelligence for the identity and access management processes.

Identity Intelligence and Analytics Benefits

Comprehensive Analyses

Improve the effectiveness of security controls.

Customizable User Interface

Simplifies analysis and reporting with the advantage to drill down into detail.


Stores audit events from different sources in a single database.


Fast and convenient insight into IAM operations and historical data.


Additional audit sources can be integrated.


Support of several databases and server platforms.

How does Identity Intelligence and Analytics work?

In order to support identity intelligence and analytics, DirX Audit provides the following main features:

Activity Monitoring

DirX Audit collects and correlates data about administration, authentication and authorization events from different IAM audit producers and then transforms this data into intuitive and actionable identity intelligence with respect to compliance regulations, business security policies and corporate risk management objectives.

Historical Data

DirX Audit maintains historical data from identity repositories to reveal information about changes to identity and identity-related data over time, allowing for historical review of identities and point-in-time comparisons to demonstrate progressive compliance to governance processes, gain insight into identity and policy status or determine why an access request was permitted.

Key Performance Indicators

Employing OLAP (online analytical processing) techniques, DirX Audit generates identity audit KPIs (key performance indicators) that provide statistical information about audit events and historical data for fast, interactive analysis and insight into IAM operations.

Risk Assessment

To classify users into risk categories from low to high, risk factors for users are regularly calculated and stored according to a customizable configuration. Examples for risk factors are: SoD violations, imported accounts and group memberships and total number of group memberships. These values and their weighted totals are displayed in DirX Audit Manager’s History view as well as in appropriate charts and reports. Compliance managers or managers can then focus on them and try to reduce the number of high risk users.

Analytics and Identity Intelligence

DirX Audit provides a Web-based user interface with specific views that facilitates the correlation, analysis and reporting of audit and historical data by auditors, administrators, and security compliance officers.

Dashboard View

The Dashboard view provides a personalized collection of KPI charts. Using the Dashboard, auditors can perform analyses, especially time-based trend analyses of selected KPI data and then drill down to details about audit events as necessary.

Event Monitor View

The Event Monitor view provides a convenient interface for filtering and correlating audit events. Using the Event Monitor, auditors are able to find answers to the “what, when, where, who and why” of user access and entitlements.

History View

The History view provides for browsing historical identity data. Auditors can review historical data, do point-in-time comparisons and correlate audit events with historical data. DirX Audit also supports root cause analysis for privilege assignments.


DirX Audit provides pre-configured report templates. Auditors can set up scheduled reports that will be sent via e-mail to selected recipients at regular intervals. Jaspersoft iReport technology can be used to customize reports or to create new reports.

The challenge of an Identity Intelligence and Analytics solution

Cost pressure is combining with increased security needs to cause enterprises and other organizations to look for new ways of optimizing their business processes. That is especially true in the observance of compliance regulations such as those stipulated in the Sarbanes Oxley Act regarding the reliability of the financial data published by enterprises. One way of providing efficient support for these efforts is to roll out an Identity and Access Management (IAM) system with identity intelligence and audit support.

The sheer number and types of regulations, however, pose a challenge:

  • Many different regulations exist today, and new ones are mandated all the time, requiring continuous revision of IAM controls.
  • The policy for what is audited depends on the particular regulation, the enterprise business model in force, and the application creating the audit trail, making it difficult to establish consistent, end-to-end audit policies.
  • Different regulations require different methods of analysis and reporting.

Audit data of IAM activities need to be produced that can be used to demonstrate accountability and report on the results to demonstrate control of business processes on user access and entitlements as required by applicable regulations. On a regular basis or on demand, reports must be produced on current status and history on the information in the IAM repositories – for example, the identity store in an identity management component.

The audit trails and historical data produced by IAM components can help to answer the questions that auditors ask to obtain proof of compliance. Until now, audit logs and historical data from several applications had to be analyzed to answer questions like “Who has accessed financial data in the last month?”, “Who gave the users access rights for this?” and “Who approved these rights?” Different audit formats, different user identities for the same person and parallel timelines in the individual applications make such analyses very difficult and cost-intensive.

Our solution

Based on historical identity data and recorded events from the identity and access management processes, DirX Audit allows answering the “what, when, where, who and why” questions of user access and entitlements. DirX Audit features historical views and reports on identity data, a graphical dashboard with drill-down into individual events, a monitor for filtering, analyzing, correlating and review of identity-related events and job management for report generation. With its analytical features, DirX Audit helps enterprises and organizations to ensure sustainable compliance and provide identity intelligence for the identity and access management processes.

Evidian Identity Intelligence and Analytics with DirX Audit

DirX Audit V6.0 is now available.

DirX Audit V6.0 offers improved analytical experience with continuous risk assessments for identities and context-based root cause analysis for access rights.

With V6.0 customers benefit from the following new features:

  • Risk classification and analysis for identities
    • Based on multiple risk factors aggregated to an overall compound risk level
    • Dashboard charts for compound risk and simple risk factors
    • Reports on identities based on risk level and risk factors
  • Integration with customer data to extend reports and dashboard charts
    • Additional options (dimensions) for KPIs on authentication events
  • Context-based analysis and correlation of events and historical data
    • History view provides answers to the question “Why has user this role?”
    • Reports for root cause analysis and correlated events
    • Performance improvements for event correlation
  • Additional charts
    • Imported accounts and group memberships
  • Extended purge tool
    • Supports relative dates for exporting events

Ralf Knöringer, head of the DirX product unit at Atos, said: “DirX Audit V6.0 represents a major step forward in our solution for Identity Analytics and Intelligence. By continuously and contextually analyzing the identity and access lifecycle activities, customers are empowered to identify, manage and mitigate risks and to monitor and control their security policies. With DirX Audit, our customers can effectively provide accountability and auditability to help ensure compliance.’’




To receive Evidian news, please fill the following form.