Active Directory Security Assessment

More security for your Active Directory – detect and repair vulnerabilities

The Active Directory is a central location for managing network resources, user objects and permissions. Safety flaws and potential vulnerabilities within the configuration can have a major impact on network security and increase vulnerability to cyberattacks.

To identify these security gaps and risks, conova uses Active Directory Security Assessment, a tool that completely examines the local Active Directory settings in your company for security issues. The backend uses the conova auditor license from PingCastle to generate detailed and extensive reports (maturity level and MITER ATT&CK display) in addition to the standard evaluations.

The individually evaluated areas are clearly presented in XML and HTML format. As part of an individual consultation, all results are analyzed by conova specialists and then discussed with you in detail. This gives you targeted optimization suggestions and recommendations to ensure secure AD-configuration in your company.

Anführungsstriche der conova Corporate Identity
Advantages
  • Comprehensive AD-configuration security assessment
  • Identification of possible risks and vulnerabilities
  • Detailed reports in XML and HTML format
  • Findings-prioritization according to urgency
  • Consultation with optimization suggestions
  • Optional: detailed workshop to evaluate findings

The “Active Directory (AD)” directory service, introduced with the Windows 2000 server has been in use for many years now. During this time, algorithms have changed and many companies have accumulated old burdens and issues related to computer- and user accounts, domain controllers and unused groups.

In order to avoid open gateways and security gaps for attackers, your infrastructure environments’ Active Directory should be checked in detail at least monthly. Old and unnecessary user and computer accounts should be deactivated or deleted. A regular security check provides results for a continuous improvement process. This is particularly important because we are constantly facing new vulnerabilities and risks (CVEs = Common Vulnerabilities and Exposures) and, of course, cyber criminals. The threats are steadily increasing.

Regular Security Checks

The PingCastle tool allows you to carry out these necessary security checks independently and at regular intervals in order to maintain your local Active Directory settings.

The rules used in PingCastle are based on ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) and also the Miter Att&ck frameworks. The use of the integrated maturity model, which is based on CMMI (Capability Maturity Model Integration) categories, is recommended in order to continuously improve your own AD security.

After running the PingCastle Health Check, you will receive various reports, such as the ‘Risk model’.

grafik risk model AD security assessment conova

Additional information and reports regarding discovered vulnerabilities

With our conova auditor license, we can provide one great advantage and added value: Additional evaluations and reports on the vulnerabilities that are found. The focus here is clearly on supporting you as a client in setting up a continuous improvement process and establishing basic safety hygiene.

This means:

  • The first step is showing you how to use PingCastle optimally and to receive initial assessments and evaluate them accordingly. Together, we will initially clarify which configuration adjustments must be made immediately and which settings can be postponed. We provide you with advisory support during implementation in order to avoid errors in the adaptations and possibly deactivate services that we, for example, need as your IT service provider.
  • The second step is checking whether the initial adjustments have led to an improvement in basic security. Finally, our experts will discuss further ‘to-dos’ with you.
conova grafik AD Security Assessment Maturity Level

View of maturity

Maturity Level conova Active Directory Security Assessment

MITRE ATT&CK representation

In addition to information regarding security gaps, the detailed reports generated by the Active Directory Security Assessment also contain further links with corresponding explanations as to why the current configuration may represent acute problems.

You require more detailed information or are interested in a non-binding consultation? Then please send us a short inquiry to sales@conova.com or simply fill out our contact form.