# Entity Insights and Finding Rules

### Understanding Entities

In our system, the **Entities** are used to represent identities, resources, connections, etc. The data extracted from your application integrations are organized into **entity types** such as **identity**, **resource**, **connection**, **insight**. Entities are flexible and can be extended in the future as new requirements and use cases emerge (for instance: even logs can be entities).

**Entities description:**

1. **Identity**: This represents a **user** or **service** **account** in your system. Identities are extracted directly from your application integrations. They could be individual users, customer profiles, or different types of accounts, each with specific access rights.
2. **Resource**: Resources are the **assets or services** that users can access. These are also extracted from your application integrations. Resources can include anything from documents, databases, or reports to specific features in your app. For instance, a resource could be a premium feature, a cloud storage space, or an API service that users have permission to use.
3. **Connection**: A **connection** represents the **access provider** for a user (identity) to a resource. These connections are derived from the entitlements granted through the application integrations. For example, a user gains access to admin resources as a virtue of being in an admin role. Here the "admin" role serves the purpose of a connection.
4. **Insight**: Unlike identities, resources, and connections—which are directly extracted from your application integrations—**insights** are generated based on our **analysis** of your data. Insights provide valuable, actionable information about how resources are being accessed. These insights are not directly pulled from your integrations but are created through analysis of the relationships and data captured by the other entities.