Discovery

Discovery is a powerful feature designed to help organizations discover and manage privileged accounts, credentials, and other sensitive information across their IT infrastructure. It enables IT teams to gain visibility into all of their systems, applications, and devices, and identify potential security risks and vulnerabilities.

By scanning and analyzing systems and applications, discovery can detect and classify privileged accounts and credentials, including those that are inactive. You can automatically find local Windows accounts, Active Directory services, Unix, VMware ESX/ESXi, and Active Directory domain accounts.

Continuous Identity Discovery

Continuous Identity Discovery (CID) provides discovery for cloud accounts and cloud infrastructure. CID enables you to readily discover privileged identities such as administrator, shadow admin, and service accounts that pose potential security risks. These include accounts that are stale, lacking MFA requirements, or lacking vaulted credentials in Secret Server. CID then prompts you to make specific corrections. CID runs automatically and continuously so you can easily monitor and secure privileged accounts.

See Continuous Identity Discovery.

Combined Discovery

Local Discovery enables users to see Vault sources from Secret Server.

Combined Discovery enables users to see Vault sources from Secret Server alongside Identity Protection (ITP) sources from the Delinea Platform

1. Navigate to the Sources page.

   The Sources page displays Vault sources and Identity Protection (ITP) sources.

   

2. To see basic information about a discovery scan, click anywhere in the scan row to open a panel to the right.
   
   

3. To see detailed information about the scan, click View Details in the right panel or click the name of the scan in the row.

4. To run the vault discovery scan, click Run discovery scan in the right panel or hover your cursor over the scan row to the right of the source name, and click the forward circle icon.
   
   A dialog will appear with options for the scan.
   
   
   

5. When you are satisfied with the options you have chosen, click Run now. It might take a minute or two for the Discovery Scan to complete.

6. You can also click Create source to create a new vault discovery source.
   

   For more information about discovery in Secret Server, see the following topics in the Secret Server documentation:

   • Discovery Overview
   • Introduction to Discovery Sources, Scanners, and Templates
   • Running and Interpreting Active Directory Discovery