The Active Directory assessment goes through the local Active Directory environment and reports details that are important from a security perspective. The reports are organized with a table of contents to help locate the specific findings of interest, and problem areas are conveniently interpreted so as to make it easy to pinpoint problems to be remediated.
Active Directory section includes reports about Active Directory Computers, Active Directory GPOs, Active Directory Groups, Active Directory Groups- Detailed, AD Login Failures - Last 30 days, Active Directory OUs, Active Directory Overview, Active Directory Users, Complete Active Directory Data, Consolidated Active Directory Report & Password Policy.
AD Login failures Last 30 days
The DOC and Xlsx report displays the information on the Target Users Name, Description, Event Date Time, and Service Name.
Active Directory Computers
The PPT report displays the Computer Risk Assessment, which includes information such as the computer's last login for 30-60 days, 60-90 days, and 90+ days.
This report also includes graphical data about computers with Expired passwords, Passwords not required, Enabled computers, Password Non-Expiring, Password Expired, Password Not required, Disabled Computers, and locked out. This report's raw data can be found in the Active Directory Excel reports.
The PDF report showcases the Enabled computers, Disabled Computers, Locked Out Computers, Computers with Expired Passwords, Computers with Non-Expiring Passwords, Computers with Passwords that expire, Computers with Password Not Required, Computers not Logged in From the Last 30 days, and Computers Never Logged in.
The DOC report showcases the Overview of the Active Directory computers, Enabled computers, Disabled Computers, Locked Out Computers, Computers with Expired Passwords, Computers with Non-Expiring Passwords, Computers with Passwords that expire, Computers with Password Not Required, Computers not Logged in From the Last 30 days, and Computers Never Logged in.
Active Directory Groups
The PPT report showcases the Total number of Groups in the Active Directory which contains the Empty, Non-Empty Groups, Privileged access, and Non Privileged access.
This report showcases graphical information about the Empty groups, Non-Empty Groups, Privileged access, and Non-Privileged Access along with the actual numbers. The raw data of this report can be seen in the Active Directory Excel reports.
The PDF report showcase Empty Groups, Non-Empty Groups, and Privileged Access Groups.
The DOC report showcases Overview, Empty Groups, Non-Empty Groups, and Privileged Access Groups.
Detailed Active Directory Groups
The DOC report showcases the detailed view with an Overview, Empty Groups, Non-Empty Groups, and Privileged Access Groups.
Active Directory Overview
The PPT report showcases the AD summary Data like Users, Computers, Groups, and OUs.
The report showcases the Disabled Users, Enabled Users, Disabled Computers, Enabled Computers, Empty Groups, Non-Empty Groups, and Empty OUs and Non-Empty OUs. The raw data of this report can be seen in the Active Directory Excel reports.
Active Directory Users
The PPT report represents the User Risk Assessment for Total Users under Active Directory containing the Last Login for 30-60days, Last Login for 60-90days, Last Login for 90+ days, Never logged in, and Password Not Required.
This report also showcases the Enabled & Disabled Users, Locked Out & Not Locked Out Users, Expired & Not Expired password, Non-Expiring & Expiring Passwords, Password Required & Not required, Can Change & Can not Change Password. The raw data of this report can be seen in the Active Directory Excel reports.
The PDF report showcases the User Risk Assessment, Enabled Users, Disabled Users, Locked Out Users, Users with Expired Passwords, Users with Non-Expiring Passwords, Users with Passwords that Expire, Users with Password Not Required, Users not Logged in from the Last 30 days, and Users Never Logged in.
The DOC report showcases the Overview, Enabled Users, Disabled Users, Locked Out Users, Users with Expired Passwords, Users with Non-Expiring Passwords, Users with Passwords that Expire, Users with Password Not Required, Users not Logged in from the Last 30 days, and Users Never Logged in.
Complete Active Directory Data
The PDF and DOC reports showcase the complete data about All Computers, All Users, All Groups, All GPOs, and All OUs under the active directory.
Consolidated Active Directory Report
Password Policy
The DOC report showcases the Password policy, Password length of less than 8 characters, and Inconsistent password policy.
Password length of less than 8 characters
Issue: Passwords are not required to be 8 or more characters, allowing users to pick extremely short passwords which are vulnerable to brute force attacks.
Recommendation: Enable enforcement of password length to more than 8 characters.
Issue: Password policies are not consistently applied from one computer to the next. A consistently applied password policy ensures adherence to password practices.
Recommendation: Eliminate inconsistencies and exceptions to the password policy.