Glossary
Canonical definitions for SecurityV0 terminology. When terms are used across docs, these definitions are authoritative.
Domain Concepts
| Term | Definition |
|---|---|
| NHI (Non-Human Identity) | Any autonomous identity that executes without direct human interaction — service principals, bots, GitHub Apps, machine accounts, OAuth apps |
| Workload | A configured artifact that defines executable behavior. entity_type: "workload" (deprecated alias: "automation"). Includes Business Rules, Script Includes, Flows, Scheduled Jobs. Does NOT authenticate — uses RUNS_AS to delegate to an identity. See ADR-006, ADR-010. |
| Zombie NHI | An autonomous identity that continues operating after the human authority that introduced it has materially changed (owner left, scope exceeded original intent) |
| Execution Path | The chain Identity → Role → Permission → Resource that grants an identity the ability to act on a resource. Cross-system paths use AUTHENTICATES_TO hops |
| Ownership Decay | When the human owner of an autonomous identity is disabled, deleted, or departed — the identity keeps executing with no one accountable |
| Scope Drift | Incremental expansion of an identity's permissions over time, each individually approved but never reviewed in aggregate |
| Blast Radius | The set of all resources reachable by an identity through its execution paths, grouped by business domain and sensitivity |
| Chain Composition Fingerprint | SHA256 hash of sorted entity_id:role pairs in an execution chain. Detects structural changes between scans without comparing full chain state. |
| Connection | An outbound integration endpoint configuration. entity_type: "connection". Includes REST Messages, SOAP Messages, HTTP Connections. Defines WHERE a workload sends data. |
| Evidence Pack | A sealed, SHA256-hashed, timestamped artifact proving a finding — contains identity summary, authority snapshot, ownership timeline, and blast radius |
| Execution Chain | Platform-computed ordered set of entities from trigger to destination, stored in execution_chains collection. Has stable identity anchored to entry point entity. Survives entity rotation (OAuth credential changes, SP rotation). See ADR-008. |
| Finding | A deterministic detection (orphaned ownership, scope drift, dormant authority) with a walkable evidence chain |
| Exposure | A W1 derived assessment unit representing one Authority Path (Workload → Identity → Destination → Data Domain) enriched with findings, execution evidence, ownership state, and evidence completeness. Not persisted — computed from entity relationships and execution_paths[] at query time. Not an execution chain. See W1 scope. |
| Authority Path | A 4-node linear projection: Workload → Identity → Destination → Data Domain, connected by edges RUNS_AS, INVOKES, and a derived "REACHES" display label (not a stored relationship — computed from execution_paths[]). The structural backbone of an Exposure. |
| Risk Cluster | A compound-condition grouping over 4 dimensions (data sensitivity × egress category × execution status × ownership status). Computed ephemerally — not persisted. Used for triage prioritization in W1. |
| Standing Authority | The ability of a workload to execute autonomously without interactive human approval at runtime — characterized by execution model (autonomous/assisted/human), auth type, and whether a human session is required. |
| Posture Summary | A W1 overview showing 4 execution visibility categories: active autonomous identities, dormant authority identities, operator-assisted workloads, and human-triggered workloads. Counts distinct identities (cards 1-2) and workloads (cards 3-4). |
Disambiguation: Workload vs Exposure vs Execution Chain vs Execution Path
Four related concepts share similar terminology. They are distinct:
| Concept | What it is | Stored as | UI location |
|---|---|---|---|
| Workload (entity) | A discovered configuration artifact from a source system (Business Rule, Flow, Scheduled Job). Does not authenticate — delegates via RUNS_AS. | entity_type: "workload" on EntityDoc (deprecated alias: "automation") | /exposures (W1), /automations (legacy) |
| Exposure (W1 derived) | One Authority Path (Workload → Identity → Destination → Data Domain) enriched with findings, evidence, and ownership. NOT persisted — computed at query time. | Not stored — computed from entity graph | /exposures, /exposures/:id |
| Execution Chain | A platform-computed BFS traversal from workload entry point through connection, credential, identity, roles, to resources. Tracks structural changes via composition fingerprint. | execution_chains collection | /chains, /chains/:id |
| Execution Path | A materialized path from identity/workload through role → permission → resource. Pre-computed for O(1) blast radius queries. | execution_paths[] array on EntityDoc | Effects tab on entity detail |
Key distinction: A workload entity is a configuration object — it defines what code exists. An exposure is a derived assessment unit — it represents one authority path through the graph enriched with risk context. An execution chain is a traversal result — it describes how code reaches resources. An execution path is a materialized authority record — it captures what resources are reachable through role assignments.
Evaluator rules operate on workload entities (checking their execution paths and evidence). Finding text distinguishes "Workload has..." from "Identity has..." to prevent misattribution.
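The Chain Composition Fingerprint defined above (and referenced again in the Execution Chain row of the disambiguation table) can be computed as follows. This is an added illustration, not SecurityV0's own code: the newline-joined serialisation is an assumption, and the "role" half of each pair is taken here to be the position the entity plays in the chain; how the platform populates it is not stated on this page. The sample chain is constructed.

```python
import hashlib


def chain_composition_fingerprint(chain: list[tuple[str, str]]) -> str:
    """SHA256 over the sorted 'entity_id:role' pairs of an execution chain.

    Sorting makes the hash independent of traversal order, so two scans that
    reach the same entities in the same chain positions agree. The newline-joined
    serialisation is an assumption of this example.
    """
    pairs = sorted(f"{entity_id}:{role}" for entity_id, role in chain)
    return hashlib.sha256("\n".join(pairs).encode("utf-8")).hexdigest()


def chain_changed(stored_fingerprint: str, current_chain: list[tuple[str, str]]) -> bool:
    """Detect a structural change between scans using only the stored fingerprint,
    without loading or diffing the previous chain state."""
    return chain_composition_fingerprint(current_chain) != stored_fingerprint


# Constructed sample: Scheduled Job -> REST Message -> OAuth Profile -> Service Principal -> role.
SCAN_1 = [
    ("sn:sched_job:nightly_sync", "entry_point"),
    ("sn:rest_msg:hr_export", "connection"),
    ("sn:oauth_profile:hr_export", "credential"),
    ("entra:sp:sample-sp-0001", "identity"),
    ("entra:role:sample_reader", "role"),
]
# Same chain discovered in a different BFS order: the fingerprint must not change.
SCAN_2 = list(reversed(SCAN_1))
# Scope drift: one extra role assignment on the identity changes the fingerprint.
SCAN_3 = SCAN_1 + [("entra:role:sample_writer", "role")]
```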
Finding Types
Core (all wedges)
| Type | Trigger |
|---|---|
| Orphaned Ownership (orphaned_ownership) | All ownership levels (primary, secondary, inherited) have decayed |
| Ownership Degraded (ownership_degraded) | Primary owner decayed but secondary/inherited remains active |
| Dormant Authority (dormant_authority) | Identity has elevated permissions but no recent execution activity (>90 days) |
| Scope Drift (scope_drift) | Permissions expanded over time without periodic review or re-approval |
| Privilege-Justification Gap (privilege_justification_gap) | Authority exists with no traceable approval or business justification |
W1 (Agentic AI Exposure Discovery & Assessment)
| Type | Trigger |
|---|---|
| Unproven Execution (unproven_execution) | Workload can execute autonomously but no execution evidence can be deterministically linked to it or its RUNS_AS identity |
| Unknown Identity Binding (unknown_identity_binding) | Workload has no deterministic RUNS_AS relationship, or the target identity is not uniquely identifiable |
| Reachable Sensitive Domain (reachable_sensitive_domain) | Entity has execution_paths with sensitivity in (confidential, restricted) |
| LLM Egress (llm_egress) | Workload has egress_category: "llm" |
| External Egress (external_egress) | Workload has egress_category: "external" |
| Ownership Invalid (ownership_invalid) | Alias of orphaned_ownership — no active owners at any level |
| Ownership Ambiguous (ownership_ambiguous) | Entity has only group/team owners and has never had an individual owner assigned. Distinct from ownership_degraded (individual was once assigned and lost). |
| Ownership Unknown (ownership_unknown) | Insufficient deterministic metadata to determine ownership |
Execution Mode
Classifies how a workload runs. Two orthogonal dimensions determine whether a workload is in scope:
| Value | Definition | Example |
|---|---|---|
| autonomous | Executes without any human trigger — on schedule, event, or data change. Always in scope. | Scheduled Job that syncs Workday data nightly |
| operator_assisted | Human initiates but workload executes independently with standing authority. In scope when it has external egress or active execution evidence. | Service Catalog flow that creates an HR case and calls an external LLM API |
| human_triggered | Requires active human session to execute, no standing autonomous execution. Generally out of scope but may be in scope if it has external egress and active executions. | UI Action that runs server-side script on button click |
| unknown | Trigger type could not be classified from available source data. Treated as in scope until proven otherwise. | Flow with missing or unrecognized trigger configuration |
Trigger type → execution_mode mapping (ServiceNow):
| Trigger Type | execution_mode |
|---|---|
| record, schedule, event, data_change | autonomous |
| service_catalog, email, inbound_action | operator_assisted |
| ui_action, manual | human_triggered |
Important: execution_mode alone does NOT determine security relevance. An operator_assisted workload with LLM egress and 3 executions per day (e.g., AI Triage Flow) is more security-relevant than an autonomous workload with no egress and zero executions.
Security Relevance
Classifies why a workload matters for security analysis. Computed from the combination of execution_mode, egress, execution evidence, and identity binding:
| Value | Definition | Criteria |
|---|---|---|
| active_external | Actively executing with external egress — highest priority. | Has external/cloud egress AND execution_count_30d > 0 |
| dormant_authority | Has authority or configuration for external access but no recent execution. Still in scope — authority persists. | Has external/cloud egress OR identity binding, BUT execution_count_30d == 0 |
| internal_inventory | Internal-only, no external egress, no identity binding, no execution evidence. Informational only — filtered from connector output in current architecture. | egress_category in (none, internal, unknown) AND identity_binding_status == "unlinked" AND execution_count_30d == 0 |
Filtering policy: Connector-side filtering of internal_inventory workloads is opt-in via filter_internal_inventory=True. Default is OFF to preserve Phase 1 inventory completeness (PRD §1: enumerate all workload constructs independent of execution). The security_relevance property is always set, enabling platform-side or UI-side filtering.
Risk Groups
Risk-based triage grouping (not risk scoring) applied to workload nodes based on egress category × data origin sensitivity. Hardcoded for Phase 1 (PRD §7). Matches risk_grouper.py implementation. W1 extends this to 4-dimensional compound Risk Clusters (+ execution status + ownership status).
| Group | Label | Criteria | Priority |
|---|---|---|---|
| RG1 | Sensitive Data → LLM Egress | Sensitive data domains (HR, identity, customer, financial) + LLM egress | P0 |
| RG2 | Sensitive Data → External Egress | Sensitive data domains + external (non-LLM) egress | P1 |
| RG3 | External/LLM Egress (Non-sensitive) | External or LLM egress but non-sensitive data domains | P2 |
| RG4 | Internal Only / No Observed Egress | Internal-only egress or no observed egress | P3 |
| RG5 | Unclassified / Unknown | Insufficient data to classify | P3 |
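The three classification tables above (trigger type to execution_mode, security_relevance criteria, and the Phase 1 risk groups) as one worked example. This is added illustration code, not the risk_grouper.py implementation: it assumes that "llm" egress counts as external for security_relevance (the criteria column says "external/cloud", but the egress_category values named elsewhere on the page are llm, external, internal, none and unknown), and it leaves the one combination the tables do not define (execution evidence with only internal or no egress) as None rather than inventing a value.

```python
from typing import Optional

# Trigger type -> execution_mode, from the ServiceNow mapping table.
TRIGGER_TO_MODE = {
    "record": "autonomous", "schedule": "autonomous",
    "event": "autonomous", "data_change": "autonomous",
    "service_catalog": "operator_assisted", "email": "operator_assisted",
    "inbound_action": "operator_assisted",
    "ui_action": "human_triggered", "manual": "human_triggered",
}
# Assumption: llm egress is treated as external egress for security_relevance.
EXTERNAL_EGRESS = {"external", "llm"}
# Sensitive data domains listed in the RG1 criteria.
SENSITIVE_DOMAINS = {"hr", "identity", "customer", "financial"}


def execution_mode(trigger_type: str) -> str:
    """Unrecognised triggers map to 'unknown' (in scope until proven otherwise)."""
    return TRIGGER_TO_MODE.get(trigger_type, "unknown")


def security_relevance(egress_category: str, identity_linked: bool,
                       execution_count_30d: int) -> Optional[str]:
    """Apply the Security Relevance criteria in priority order."""
    external = egress_category in EXTERNAL_EGRESS
    if external and execution_count_30d > 0:
        return "active_external"
    if execution_count_30d == 0:
        # With zero executions the remaining two categories are exhaustive.
        return "dormant_authority" if (external or identity_linked) else "internal_inventory"
    # Executing with only internal/no egress is not classified by the glossary tables.
    return None


def risk_group(egress_category: str, data_domains: set[str]) -> str:
    """Phase 1 risk group from egress category x data origin sensitivity."""
    sensitive = bool(SENSITIVE_DOMAINS & {d.lower() for d in data_domains})
    if egress_category == "llm":
        return "RG1" if sensitive else "RG3"
    if egress_category == "external":
        return "RG2" if sensitive else "RG3"
    if egress_category in ("internal", "none"):
        return "RG4"
    return "RG5"  # unknown or unrecognised egress: insufficient data to classify
```

The "Important" note above is reproduced by these functions: an operator_assisted flow with LLM egress and executions is active_external (RG1 on HR data), while an autonomous job with no egress, no identity binding and zero executions is internal_inventory (RG4).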
Platform Concepts
| Term | Definition |
|---|---|
| Materialized Paths | Pre-computed execution paths stored directly on identity documents, enabling O(1) blast radius queries |
| Baseline | A periodic full snapshot of all entities from a source system, used as anchor points for point-in-time reconstruction |
| StorageAdapter | The database abstraction interface that enables future migration from MongoDB-only to MongoDB+Neo4j without changing connectors or API |
| NormalizedGraph | The standardized output of a connector's transform phase — database-agnostic representation of nodes (entities) and edges (relationships) |
| Diff Engine | Compares current NormalizedGraph against previous state and emits typed change events |
| Execution Chains Collection | MongoDB collection (execution_chains) storing platform-computed chain tracking with stable identity, composition fingerprint, and summary statistics |
| Connector | A pluggable module that extracts, transforms, and normalizes data from a specific source system (Entra ID, ServiceNow, GitHub, etc.) |
| Sync Cursor | Tracks where a connector left off when fetching audit logs, enabling incremental syncs |
| OAA (Open Authorization API) | A standardized JSON format created by Veza for representing authorization data. Used by 250+ community connectors. SecurityV0 treats OAA as an export projection, not its internal model. See ADR-009. |
| Veza | An authorization security company that created OAA. SecurityV0 draws on OAA's connector ecosystem patterns but maintains a richer internal model that captures execution chains, temporal drift, and evidence provenance. |
Entity Types
| Type | Description |
|---|---|
| Identity | An entity that authenticates and acts in systems — service principals, OAuth apps, machine accounts. The only entity type that "can log in." entity_type: "identity". |
| Workload | An entity that defines executable behavior — Business Rules, Script Includes, Flows, Scheduled Jobs. Does not authenticate; uses RUNS_AS. entity_type: "workload" (deprecated alias: "automation"). See ADR-010. |
| Connection | An outbound integration endpoint — REST Messages, SOAP Messages, HTTP Connections. entity_type: "connection". |
| Credential | Authentication material — OAuth Providers/Profiles, API Keys, Certificates, client secrets. entity_type: "credential". |
| Owner | A human or team accountable for an entity's existence and authority. Internal entity_type: "owner". Connectors emit as human_identity NormalizedNodeType; platform normalizer maps to owner. |
| Role | A named grouping of permissions (application role, directory role, custom role). entity_type: "role". |
| Permission | An individual capability (read, write, execute, admin, delegate) scoped to a resource. entity_type: "permission". |
| Resource | A system object acted upon (table, API endpoint, repository, secret, workflow). entity_type: "resource". |
| Execution Evidence | Immutable proof of execution — sign-in logs, transaction logs, flow execution records. entity_type: "execution_evidence". |
Relationship Types
| Relationship | Direction | Meaning |
|---|---|---|
| OWNED_BY | any → Owner | Ownership accountability |
| BELONGS_TO | Owner → Parent Owner | Ownership hierarchy (team → BU → org) |
| HAS_ROLE | Identity → Role | Role assignment |
| GRANTS | Role → Permission | Role includes permission |
| APPLIES_TO | Permission → Resource | Permission scoped to resource |
| AUTHENTICATES_TO | Identity → Identity | Cross-system auth chain (Entra SP → ServiceNow user) |
| AUTHENTICATES_VIA | (deprecated) | Legacy edge. Connection→credential usage remapped to USES. Identity→credential usage removed — path is now credential→identity via AUTHENTICATES_AS. See ADR-007. |
| EXECUTES_ON | Workload → Resource | Observed execution evidence (narrowed: workload→resource only) |
| RUNS_AS | Workload → Identity or Owner | Workload executes as this identity or human user |
| TRIGGERS_ON | Workload → Resource | This workload is triggered by this resource or event |
| CREATED_BY | any → Owner | Historical creation fact (distinct from ongoing OWNED_BY accountability) |
| CALLS | Workload → Workload | Workload invokes another workload (BR → SI). See ADR-007. |
| INVOKES | Workload → Connection | Workload uses outbound connection (SI → REST Message) |
| USES | Connection → Credential | Connection uses authentication material (REST Message → OAuth Profile) |
| AUTHENTICATES_AS | Credential → Identity | Credential represents an identity (OAuth Profile → Service Principal) |