Active Directory Security Assessment

Active Directory Security Assessment (ADSA)

An in-depth review of Active Directory configurations and Group Policy Object (GPO) settings to enhance security for in-scope domains, including their Organizational Units (OUs), groups, computers, users, and service accounts. Illumant employs automated GPO analysis tools and detailed manual reviews to deliver recommendations aimed at strengthening your Active Directory implementation.

Illumant analyzes the Active Directory from a variety of perspectives in order to evaluate the security of the AD implementation, and the security AD provides to users, computers, and the organization as a whole:

Classification of Users and Groups: Privileged vs. Unprivileged

• Illumant evaluates multiple factors for each AD group to identify privileged access, especially beneficial for environments with numerous groups.
• Group classification directly assists in determining user privileges based on group memberships. Advanced techniques ensure accurate group membership resolution, even with deeply nested groups.

Discovery of Sensitive Information:

• Illumant routinely identifies sensitive information such as passwords or encryption keys within accessible sections of Active Directory, even in mature deployments.

Review of GPO Permissions:

• Identification of sensitive GPOs potentially modifiable by low-privileged users, posing a risk of privilege escalation.
• Analysis of inactive accounts or accounts needing password updates based on inactivity or password age.