Manually or autocratically add user accounts with a high risk exposure to the Zscaler-defined restricted user group to allow for Zscaler policy execution.
This task can be triggered manually using the context menu in Attack Surface
Discovery or automatically by
creating Automated High-Risk Account Response playbooks.
This task is supported by the following services:
 |
ImportantThe response action is available only after you have
configured
Zscaler Internet Access integration in Third-Party Integration.
|
Procedure
- After identifying the user account to apply Zscaler policies to, access the
context or response menu and click Add to Zscaler Restricted User
Group.The Add to Zscaler Restricted User Group screen appears.
- Specify a Description for the response or event.
- Click Create.
- Monitor the task status.
- Open Response Management.
- (Optional) Locate the task using the Search field or by selecting Add to Zscaler Restricted User Group from the Action drop-down list.
- View the task status.
-
In progress (
): Trend Vision One sent the command
and is waiting for a response. -
Successful (
): The command was successfully
executed. -
Partially successful (
): The task was unsuccessful on one
or more IAM service -
Unsuccessful (
): The task was unsuccessful on all connected IAM
services -
Pending approval (
): The task is pending approval from specified users -
Rejected (
): The task has been rejected -
Queued (
): The managing server queued the
command because the agent was offline. -
Manually terminated (
): The task has been manually terminated
-