Recommendations

What is the Recommendations page?

The Recommendations page displays your detections and identities by recommended solutions to potential risks.

By default, the Recommendations Overview sorts any item by importance and impacted entities, which are then grouped by recommendation summary in a sortable list.

ℹ️

Note

You can export the Recommendations grid as a .csv using the Download button.

How is it useful?

Recommendations provide both at-a-glance, high-level overviews of recommended security actions, as well as an in-depth summary for each individual recommendation instance. You can also view Recommendations in an ungrouped list by clicking the Ungrouped tab.

Search and filter your grouped recommendations

Grouped recommendations include all accounts that share a specific recommendation.

  1. On the Recommendations page, click the Grouped tab.

  2. To search for a(n):

    • recommendation: Enter a Recommendation Name and, optionally, select a filter.Filters include is equal to, is not equal to, Contains, Starts with, Ends with, and Does not contain.
    • level of importance: Select an Importance option from the drop-down list.
    • provider: Enter or select a provider name in the Providers list.
    • account: Enter a digit in the Accounts field and, optionally, select a filter.Filters include is equal to, is not equal to, Is greater than, Is greater than or equal to, Is less than, and Is less than or equal to.
    • total recommendation count: Enter a digit in the Total Count list. Filters include is equal to, is not equal to, Is greater than, Is greater than or equal to, Is less than, and Is less than or equal to

Search and filter your ungrouped recommendations

Ungrouped recommendations include all recommendations. On the Accounts page, search results display automatically as you add search terms and select options.

Use a Saved filter

Select a Saved filter from the drop-down list.

Create your own filter

  1. Click Add Filter.
    The Filter Detections dialog box displays.
  2. Select And or Or to determine how you want the saved filter to refine the first data set you're entering.
  3. Optionally, click Add Filter to add a new set of filtering criteria, and select your criteria from the drop-down menus.
  4. Optionally, click Add Group to add a group of additional filters to further refine your filtered criteria.
  5. Click Apply Filter.

Use the columns

Not all columns display by default. Use the columns to search for a(n):

  • recommendation: Enter a Recommendation Name and, optionally, select a filter.Filters include is equal to, is not equal to, Contains, Starts with, Ends with, and Does not contain.
  • level of importance: Select an Importance option from the drop-down list.
  • provider: Enter or select a provider name in the Providers list.
  • location: Enter the Location name.
  • account: Enter an Account Name and, optionally, select a filter.Filters include is equal to, is not equal to, Contains, Starts with, Ends with, and Does not contain.
  • label: Enter or select a label name in the Labels list.
  • direct privilege: Enter or select a Direct Privilege. Direct privileges are the inherent rights of an account. This column is hidden by default. Use the Column icon to select the column to display.
  • True Privilege: Enter or select a True Privilege. True Privilege is the full scope of access an account could potentially gain. A True Privilege score shows what detections and recommendations put highly privileged accounts at risk.
  • date of first recommendation: Use the calendar to select a date and, optionally, select a filter. Filters include is equal to, is after or equal to, Is after, Is before or equal to, and Is before.
  • recommendation status: Select one or more options from the list. Options include New, Ignored, False positive, Resolved, and Under review.

Customize your recommendation display

Select which columns to view in your results list via the Columns icon and reorder your results by column:

  1. Click the column header to activate it.
  2. Click the arrow icon that displays to sort alphabetically or numerically.

View your recommendation details

View your Recommendation details to see a list of all accounts or entities that would benefit from the recommended action, such as enabling multi-factor authentication, identifying linked account privileges, or verifying dormant accounts.

Accounts associated multiple times with the same recommendation across separate sources are listed as Multiple.

  1. Click Quick View on any recommendation row to display a preview window, without leaving the Recommendations page. This preview provides a high-level summary to aid in quickly evaluating areas of potential risk.
  2. Click View Full Details to view additional information, or Close to return to your position on the page.

View your instance details

The Instance details page displays when you click an entity name from the Recommendation Details page. It displays an in-depth summary of the individual recommendation instance and provides the detection's severity, as well as the recommendation's description and underlying concern, and potential options for resolution.

Change or add a comment to a status

Authorized users can change the status of a recommendation, and they can include an optional comment to describe the nature of the update or change. The status change and comment history are viewable on the Recommendation Details page.

  1. Locate the status you want to update.
  2. Click Update Status.
  3. Optionally, select a new status from the drop-down menu. Options include New, In Progress, Resolved, False Positive, or Ignored.
  4. Optionally, add a comment.
  5. Click Update Status.
    Your status change and comment saves.

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.