What are Entities?

Entities are distinct objects or subjects within a technological system representing users, assets, or other significant items that the system needs to manage or track. They possess unique identifiers and attributes relevant to their roles within the system. For instance, user entities typically include attributes such as user ID, username, email, role, and other profile information, while asset entities can include attributes like asset ID, name, type, location, status, and owner.

In Netenrich 

Netenrich employs a unique approach to managing entities through advanced data engineering techniques. We normalize user and asset data to provide a more accurate and unified view. 

For example, let’s say John Smith has been involved with several company mergers and has different email addresses associated with different companies: john.smith@company1.com, john.smith@company2.com, and johnsmith@company3.com. Traditional security tools would treat these as three separate users. However, Netenrich recognizes that all these email addresses belong to the same individual. 

Similarly, for assets, there might be servers with identical names in different environments, such as server1 at company1 and server1 at company2. Other systems might see these as distinct servers, but we normalize this information and identify them as the same server. 

This normalization enables accurate detection and correlation of security events, ensuring that attacks on what appears to be different users or servers are correctly identified as targeting the same user or asset. This approach helps eliminate false negatives and ensure accurate identification.