If we have a risk rating of the endpoint being connected to then we can do the following:
1. import risk details from identity governance and other tools.
2. make rules (policies) based on risk (host/app + account) = controls (simple rules)
3. report based on endpoint (host/app) plus user risk. Get signal from noise.

by: Marcus V. | over a year ago | Other