StealthAUDIT® for Active Directory - Permissions Analyzer

Know Who Has Permissions to Every AD Object

If an organization cannot see who has permissions to critical objects within Active Directory, then everything connected to AD is vulnerable.

StealthAUDIT for Active Directory – Permissions Analyzer enables organizations to easily and automatically determine effective permissions applied to any and all Active Directory objects.

Active Directory Sensitive Security Group Membership report shows the details of Domain, Enterprise, and Schema Administrators groups across domains, including effective membership, nesting depth, and password status.

The STEALTHbits Advantage

With StealthAUDIT for Active Directory – Permissions Analyzer, organizations gain the most authoritative view of who has access to what in AD. Key features include:

  • Reset Password
  • User Permissions
  • Group Membership
  • Group Permissions
  • OU Permissions
  • Computer Permissions

Assessing and detecting of privileged users is an obvious avenue for a third-party solution that automates some or all tasks. Without one, it’s safe to say that no organization can stay on top of every method of privileged access.

- Randy Franklin Smith, Microsoft Security Most Valuable Professional (MVP)

Active Directory Reset Password Report shows where Reset Password permissions are applied to Active Directory user objects.

Click To Enlarge

Highlight instances where "Reset Password" permissions are applied to Active Directory user objects, with the information summarized at the domain and enterprise levels.

Active Directory User Permissions Report identifies where permissions are applied to Active Directory user objects and the level of permissions granted.

Click To Enlarge

Pinpoint instances where permissions are applied to Active Directory user objects, as well as the level of permissions granted.

Active Directory Group Membership Report shows who can change the membership of Active Directory group objects across domains, including top users with group membership change permissions.

Click To Enlarge

Understand which trustees can change the membership of Active Directory group objects, either by writing the member attribute or via the "Add/Remove self as member" permission.

Active Directory Group Permissions Report shows where permissions are applied to Active Directory group objects.

Click To Enlarge

Shed light on instances where permissions are applied to Active Directory group objects to understand who can perform specific operations against AD groups.

Active Directory Organizational Unit (OU) Permissions Report shows where permissions are applied to Active Directory OUs.

Click To Enlarge

Quickly analyze and report on where permissions are applied to Active Directory organizational units, with findings summarized at the domain and enterprise levels.

Active Directory Computer Permissions Report identifies where permissions are applied to Active Directory computer objects across domains.

Click To Enlarge

Uncover instances where permissions are applied to Active Directory computer objects to avoid growing breach scenarios.

Resources

Data Sheet - StealthAUDIT® for Active Directory - AD Permissions Analyzer

StealthAUDIT® for Active Directory - AD Permissions Analyzer

Data Sheet - StealthAUDIT for Active Directory

Data Sheet - StealthAUDIT® for Active Directory