The Active Directory vulnerability assessment provides visibility into security misconfigurations and risk conditions within the customer's Active Directory environment. It evaluates forest, domain, and domain controller configurations against security best practices and highlights settings that may increase exposure to compromise.
The assessment is designed to help administrators identify and prioritize security weaknesses before they are exploited.
What the assessment does
The Active Directory vulnerability assessment:
-
Scans Active Directory configuration data across the forest
-
Identifies security misconfigurations and risky settings
-
Evaluates domain-level and domain controller-level security posture
-
Categorizes findings by severity
-
Provides remediation guidance for each identified vulnerability
Indicators are evaluated at one or more of the following scopes:
-
Forest level: Configuration issues that affect the entire forest
-
Domain level: Settings that apply to a specific domain
-
Domain controller level: Security posture and configuration of individual DCs
Assessment results provide actionable information to support security hardening and compliance initiatives.
What the assessment does not do
The Active Directory vulnerability assessment is assessment-only functionality.
It does not:
-
Modify Active Directory objects
-
Change Group Policy
-
Alter security settings
-
Automatically remediate vulnerabilities
-
Require backups to operate
All data collection is read-only. No configuration changes are made to the environment during scanning.
How it works
The assessment uses the Active Directory agent to collect configuration and security-related data from domain controllers. Data is securely transmitted to the control plane, where indicators are evaluated and findings are generated.
Depending on the indicator, data may be collected from:
-
The forest configuration partition
-
Domain partitions
-
Individual domain controllers
Results are displayed in the console, where administrators can review findings, understand associated risks, and access remediation guidance.
When to use the assessment
Use the Active Directory vulnerability assessment to:
-
Establish a baseline of AD security posture
-
Identify high-risk legacy protocols and insecure configurations
-
Validate hardening efforts
-
Monitor configuration drift over time
-
Support internal security reviews and audits
The assessment complements Active Directory backup and recovery capabilities by helping reduce the likelihood of compromise before recovery becomes necessary.