Identity Glossary

Clear, practical definitions for the identity security concepts that matter most — from ISPM and attack paths to shadow admins and non-human identity risk.

Posture Management | 12 min read

What Is Identity Security Posture Management (ISPM)?

Identity Security Posture Management, or ISPM, is the continuous practice of discovering, assessing, and reducing identity-related risk across human and non-human identities, access, permissions, and trust relationships.

ISPM, Identity Security, Posture Management

Visibility & Intelligence | 11 min read

What Is an Identity Visibility & Intelligence Platform (IVIP)?

An Identity Visibility & Intelligence Platform, or IVIP, is an emerging identity-security category focused on unifying identity and access data across cloud, SaaS, on-prem, and IAM tools, then turning that fragmented data into actionable intelligence.

IVIP, Identity Visibility, Intelligence Platform

Attack Paths | 11 min read

What Is Attack Path Management (APM)?

Attack Path Management, or APM, is the continuous practice of discovering, analyzing, prioritizing, and reducing the routes an attacker could use to move from an initial foothold to critical assets.

Attack Path Management, APM, Lateral Movement

Identity Threats | 10 min read

What Is a Shadow Admin?

A Shadow Admin is an identity that can achieve administrative outcomes without being explicitly labeled as an administrator. This guide explains what Shadow Admin means, why it is dangerous, and common examples in on-prem and cloud environments.

Shadow Admin, Privilege Escalation, Delegated Control

Best Practices | 11 min read

What Is Identity Hygiene?

Identity hygiene is the ongoing practice of keeping the identity environment clean, accurate, and minimal. This includes removing stale accounts, right-sizing excessive access, reviewing credentials and integrations, and making sure identities reflect current business reality.

Identity Hygiene, Stale Accounts, Least Privilege

Attack Surface | 11 min read

What Is Identity Attack Surface?

The identity attack surface is the full set of identity-related entry points, weaknesses, permissions, credentials, and trust relationships that an attacker could exploit to gain access, escalate privileges, move laterally, or maintain persistence.

Identity Attack Surface, Attack Surface Management, Lateral Movement

Non-Human Identities | 12 min read

What Is Non-Human Identity Risk?

Non-human identity risk is the security risk created by machine-driven identities such as service accounts, service principals, OAuth apps, workloads, API keys, certificates, bots, and AI agents.

Non-Human Identity, NHI, Service Accounts

Access Management | 11 min read

What Is Overprivileged Access?

Overprivileged access exists when a user, application, service account, or workload has more permissions than it actually needs. This guide explains what overprivileged access means, why it increases blast radius, and how organizations can reduce it.

Overprivileged Access, Least Privilege, Blast Radius


Identity Glossary | Forestall