One of the most common frustrations we hear from security engineers goes something like this:
"I know we have too many accounts and too many tools, but I cannot tell which identities are real, which are duplicates, and which are dangerous."
It is a fair complaint. If you are trying to enforce least privilege, run meaningful access reviews, or build zero trust policies, it all starts with one question:
Do I actually know who this user is?
That question is why we built Unified Identity.
Identity sprawl is real
You already know the problem. You are pulling in user data from Okta, Azure AD, AWS IAM, HR tools, and maybe some SaaS applications too. Each of these systems has its own version of a user. Sometimes they match. Often they do not.
The result? You have multiple accounts that might belong to the same person. You have admin rights hiding in unexpected corners. You have stale accounts that no one remembers. And the scariest part — you cannot say with confidence whether a person is active, protected with multi factor authentication, or overprivileged.
This is not just a data quality problem. It is a security gap.
A better way to model identity
Unified Identity is a new capability in JupiterOne that gives you a complete, trustworthy picture of your users. It brings together all those scattered user records into a single object in the graph that reflects the true identity of a person in your environment.
Instead of User -IS-> Person (which worked but relied on brittle integration-specific rules), we now use a more advanced unifier engine. This engine evaluates signals across all your connected systems and creates a consistent, clean identity model.
Each Unified Identity object shows you:
- All associated usernames, emails, and short login IDs
- Derived properties like whether the user is active, has admin rights, or has multi factor authentication enabled
- Which systems believe the user exists
You can search for these identities using a simple query:
FIND UnifiedIdentity WITH mfa = "No" AND admin = "Admin"
In seconds, you get a list of risky users to investigate. No scripts, no guesswork.
The shift to identity-first security isn’t just something vendors are pushing. 78% of organizations experienced an identity-related cyberattack in the last 12 months.(1) Gartner has made it clear: traditional perimeter-based approaches are no longer enough. With remote work, SaaS, and decentralized infrastructure, identity security is the new control plane.
According to Gartner, organizations that fail to adopt context-based, continuous access policies will struggle to deliver effective protection. They outline a “Three Cs” approach:
- Consistent policies across environments
- Contextual decisions based on rich identity data
- Continuous enforcement, not just at login
Unified Identity directly supports all three. It gives you:
- A single source of truth across identity providers
- Real time visibility into risky conditions like missing MFA or conflicting roles
- A foundation for automated decisions and access reviews that reflect actual risk
What’s next?
Unified Identity is live and ready to use in JupiterOne today. We recommend checking out the new properties and updating your queries to take advantage of them. Start here:
FIND UnifiedIdentity
This query gives you the full picture. From there, the possibilities open up.
Want to learn more about identity unification, reach out to us for a demo.
