# Strengthen Your CIEM Strategy with a New Dashboard to Guide Security Teams

By [Cameron Hyde](https://www.paloaltonetworks.com/blog/author/cameron-hyde/?ts=markdown "Posts by Cameron Hyde") | May 30, 2024

Managing [cloud infrastructure and entitlement management (CIEM)](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem?ts=markdown) becomes
increasingly challenging in a multicloud environment, with a proliferation of machine and user identities and users accessing the cloud through various identity providers (IdPs). The volume of data compiled by CIEM tools can make it difficult to know where to begin.

As your trusted security advisor, Prisma Cloud is building new capabilities to give your organization a strong point of view on where to focus your time with [identity and access management (IAM)](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management?ts=markdown).

Three areas where we believe that organizations should have an increased focus are:

* Admins
* Overly permissive identities
* Third-party access

## Focus on Your Most Risky Entitlements: Admins

According to Microsoft's *2023 State of Cloud Permissions Risks* report, [more than 50% of identities are super admins](https://www.microsoft.com/cms/api/am/binary/RW10qzO#:~:text=This%20report): users or workloads that have access to all permissions and resources. This is a shocking statistic that clearly violates the principle of least privilege. Admin entitlements should be granted as infrequently as possible, as they present the most risk to an organization.

An important feature in a CIEM tool is to be able to easily highlight admin access levels within the cloud environment to ensure they're only granted to necessary users. If admins have unused privileges, it's a security best practice to either assign a new policy or remove the unused permissions.

Prisma Cloud makes it easy for organizations to identify these admins with an extensive policy set and remediation guidance that will remove risky, overly permissive access.

## Most Identities Are Overly Permissive

It's common sense that organizations should remove overly permissive access.
But the facts tell a different story, according to the Microsoft study, which reported:

* Identities use, on average, 1% of the permissions they're granted
* More than 60% of identities are inactive and haven't used any of the permissions granted in the last 90 days

Statistics like these prove that organizations are failing to properly secure their identity attack surface. Granting overly permissive access is a significant problem, since almost every successful cloud cyberattack has an identity component to it.

To combat this, Prisma Cloud provides remediation guidance to achieve least privilege and also gives recommendations for removing unused access within a service, provisioning users with access to only the actions they need.

![Prisma Cloud least-privileged access suggestions](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/05/word-image-321816-1.png)

Figure 1: Prisma Cloud least-privileged access suggestions

To make overly permissive access easy to spot, Prisma Cloud automatically notifies security teams when it is present. Additionally, to go a level deeper, the intuitive RQL now enables easy investigation of overprivileged access.

## Govern Third-Party Access

Governing third-party access is a vital component of comprehensive cloud security. Third parties, including vendors, contractors and partners, often require access to various parts of an organization's cloud infrastructure to perform their functions. However, this access can introduce significant security risks. If not properly managed, it can lead to unauthorized actions and data breaches.

By continuously monitoring and auditing third-party access to cloud environments, Prisma Cloud enables organizations to enforce strict access controls, such as least privilege, over third-party access. Through effective management of third-party entitlements, organizations can maintain stronger security postures and mitigate potential threats arising from external access.
To ensure that third parties only have access to the resources necessary for their roles, reducing the risk of exposure to sensitive data and critical systems, Prisma Cloud has recently released an extensive list of policies that help organizations govern whether a third-party service account can assume a service account with high privileges or whether a third-party account has lateral movement.

## Discover the New Identity Dashboard

To help organizations implement this strategy, Prisma Cloud has released the identity dashboard. Use the dashboard as your new hub for identity security, providing a consolidated risk oversight tool that empowers teams to proactively detect and mitigate identity-based threats. It offers in-depth visualizations to address questions such as:

* What are my top identity and access management risks relative to my cloud assets?
* How many admins do I have? How many admins have unused permissions?
* What risks require my immediate attention?
* Are there overprivileged identities in my environment? What types of access do the overly permissive identities have?

![CIEM Dashboard](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/05/CIEM-Dashboard.png)

Figure 2: CIEM Dashboard

We know teams are overburdened with security alerts and often don't know where to start, which is why [Prisma Cloud makes it easy for your organization to know where to focus](https://docs.prismacloud.io/en/enterprise-edition/content-collections/dashboards/dashboards-identity) your time when securing your cloud identities.

## Unlock Attack Paths with Prisma Cloud CNAPP

A misconfigured or overly permissive identity by itself doesn't always represent application risk. CIEM is seamlessly integrated into the [Prisma Cloud platform](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown), enabling security teams to correlate findings so they can prioritize and understand critical risks.
Prisma Cloud analyzes misconfigurations, vulnerabilities, public exposures, excessive permissions, exposed secrets, sensitive data, incidents and more. The platform combines multiple risk factors across identities and cloud assets to visualize interconnected risks and prioritize alerts, helping security teams understand how several configuration mistakes form attack paths.

By integrating a [leading CIEM solution](https://www.paloaltonetworks.com/blog/prisma-cloud/2024-gigaom-radar-for-ciem/?ts=markdown) into its cloud-native application protection platform (CNAPP), Prisma Cloud ensures the security of applications from code to cloud across multicloud environments. The comprehensive security, continuous visibility and proactive threat prevention give organizations the ability to stop attacks in runtime, fix issues in the cloud and fix forever in code.

[Keep track of our latest CIEM innovations.](https://docs.prismacloud.io/en/enterprise-edition/rn/prisma-cloud-release-info/features-introduced-in-2024/features-introduced-in-2024)

## Learn More

If you'd like to learn more about how Prisma Cloud can secure the identity attack surface, register for an upcoming [Visibility & Control bootcamp](https://www.paloaltonetworks.com/prisma/cloud-interactive#:~:text=Visibility%20and%20Control,Explore%20bootcamps?ts=markdown).