Identity Outliers – Discover & Remediate Anomalous Identities

The SailPoint Blog
| Ju Tan | Market Views

What if you could discover risky identities within an organization as easily as you search for your next favorite song on Spotify? Leverage SailPoint’s security expertise to surface Outlier identities. Press “remediate” or “ignore” to train the AI/ML to adapt to your organization’s unique security preferences.

The music industry was revolutionized by the advent of AI/ML. With the music genome project, trained musicologists listened to music from all genres and detailed tracks across hundreds of attributes*. With this taxonomy of music, companies such as Pandora and Spotify were able to recommend music to individual listeners based on their personalized listening experiences and preferences in music. They were able to do this without the listener having to know anything about the underlying music theory or traits – for example, “Does this track feature a guitar? What key is it in? What tempo? Time signature?” Instead, the AI/ML algorithm used the mathematical heuristics to identify groups of songs that were similar to what the listener liked in the past. A simple “Heart” or “Ignore” from the listener indicated whether he or she liked or disliked one or more elements of that song. The music algorithm responds by playing more songs that share characteristics with the positively rated songs – and fewer songs that sound like the negatively rated songs.

SailPoint Identity Outliers Will Offer 2 Use-Cases in 2022: Structural Outliers and Low Similarity Outliers.

Now, with SailPoint Identity Outliers, customers can similarly leverage AI/ML to discover risky identity access within their organization. Historically, manually looking for risky identity access patterns within an enterprise landscape meant downloading endless Excel files to analyze violations. With modern enterprises swarmed with an increasing surface area of enterprise applications and a myriad of roles and entitlements combinations to certify, Identity admins need a better tool. Identity Outliers uses an AI/ML approach to analyze enterprises identity access relationships and automatically flags identities for additional review by admins. In 2022, we will make available two types of Outlier use-cases: Low Similarity Outlier (LSO) and Structural Outlier (SO) Identities. Low Similarity Outliers are those identities where their access privilege is not similar to other identities within their peer-group. The intuition is here is that LSO identities may have been missed during Role design coverage and/or are employees with unusual access privileges when compared to their peers. Structural Outliers are those identities where their access privileges are like multiple peer groups. SO identities are those who may have accumulated unusual access privileges across an organization – perhaps due to moving job functions or having unique privilege that were never released.


Remediate or Ignore identities to inform future anomaly signals.

Next-up: Similar to how Spotify started off with a Top Songs playlist and popular genres before expanding to additional musical tastes, SailPoint’s Identity Outlier will continue to increase its offering of new security “playlists” in the future based on customer feedback. We may even allow customers to create their own custom identity security playlists. Can I get a Like Remediate?