Rezonate collects and analyzes various types of information to fulfill its tasks and goals. For this document, collected data will be divided into 3 main types:

• Identities and their profile information - This information includes the existence and configuration of identities that have access to the environment. The information includes identification details such as full names, emails, organizations, position titles, and other data points, as they are stored in the integrated platform directory.

• Authentication and Authorization Configurations - This information includes the existence and configuration of global tenant policies, roles, applications, group assignments, role assignment, and conditional access policies.

• Resources and their configuration - This information varies per integrated platform and is described in more detail per integration.

• Activity Logs - The activity log of the integrated platform. These logs contain information regarding activities performed by actors (users or machines) in the environment and their context. From a data-point perspective, the collected information contains the identification of the identity that acted, along with IP address, and device information if available (Machine ID)

The data that is collected is used by Rezonate to discover and map the identities that have access to the environment, their effective privileges and access to resources, their behavioral profile, and security risks and threats that relate to them.

Collected Data Points by Platform

• AWS

• Azure Active Directory

• Azure Cloud

• Google Workspace