https://store-images.s-microsoft.com/image/apps.33076.95441e5b-8256-4a75-9f77-690e0f3278e1.f619bfce-829d-416d-99a4-ceecc80a5882.a68ad2ad-c5bb-4bc5-9b5e-48b1059b4dfe
FSProtect - Active Directory Security Assessment
by Forestall Security
Just a moment, logging you in...
Reveal Active Directory security posture before the attackers
FSProtect - Resilient Active Directory with Ease
FSProtect reveals organizations’ Active Directory security posture before the attacker and enables you to quickly take the necessary precautions with the continuous vulnerability assessment.
Active Directory Inventory Mapping
FSProtect collects in-depth information and relationships of Active Directory objects and endpoints with the proprietary information gathering algorithms. Some of the analyzed objects can be seen below.
- Users
- Computers
- Groups
- Group Policy Objects
- Organization Units
- Service Accounts / Managed Service Accounts
- Service Principle Names
- Access Control Entries
- Local Groups
- Local Users
- Network Shares
It presents this information in a form that can be easily searched, filtered, and exported in CSV format on the web interface. For example, the following information can be easily obtained through this interface.
- Privileged User and Groups
- Disabled/Locked Users
- Service Users
- Organizational Units with No Members
- User with Local Administrator Privileges
- Computers/Users with Most Sessions
- Group Policies with No Linked Entities
Active Directory Vulnerability Assessment
FSProtect continuously detects Active Directory Specific vulnerabilities with no false positives thanks to its Vulnerability Detection Engine. In addition, custom tags are added into vulnerabilities for easier categorization. Vulnerability documentation contains the information below to accelerate vulnerability identification, remediation, detection, and prioritization process.
Active Directory Security Graph
FSProtect creates an organizational Active Directory Security graph when the scan is finished. This graph contains all domain inventory and their relationships in one interface. Using manual or built-in queries in the graph module, abnormal relationships, shortest lateral movement and privilege escalation paths and misconfigured access control entries can be easily detected. Some of the Built-in queries in the Graph Module.
- Object with DCSync Rights
- Non-built-in Admin Objects with WriteDACL Rights
- Administrator Sessions to Non-Domain Controllers
- Groups with Local Administrator Rights
- Shortest Path to Admin Groups
- Abnormal Rights which Domain User shouldn’t have
At a glance
https://store-images.s-microsoft.com/image/apps.39609.95441e5b-8256-4a75-9f77-690e0f3278e1.f619bfce-829d-416d-99a4-ceecc80a5882.4ba70868-7c4b-4664-b7b0-fa73869aa086
https://store-images.s-microsoft.com/image/apps.39609.95441e5b-8256-4a75-9f77-690e0f3278e1.f619bfce-829d-416d-99a4-ceecc80a5882.4ba70868-7c4b-4664-b7b0-fa73869aa086
https://store-images.s-microsoft.com/image/apps.39609.95441e5b-8256-4a75-9f77-690e0f3278e1.f619bfce-829d-416d-99a4-ceecc80a5882.4ba70868-7c4b-4664-b7b0-fa73869aa086
https://store-images.s-microsoft.com/image/apps.44276.95441e5b-8256-4a75-9f77-690e0f3278e1.f619bfce-829d-416d-99a4-ceecc80a5882.99affa53-1dd0-4afe-ba53-e46d26190224
https://store-images.s-microsoft.com/image/apps.4716.95441e5b-8256-4a75-9f77-690e0f3278e1.f619bfce-829d-416d-99a4-ceecc80a5882.e7dcd174-9d9c-40ce-a8ba-29cee36a19d1
https://store-images.s-microsoft.com/image/apps.53705.95441e5b-8256-4a75-9f77-690e0f3278e1.f619bfce-829d-416d-99a4-ceecc80a5882.a5b4f61f-d79a-48f0-8d56-c0137c6c2499
https://store-images.s-microsoft.com/image/apps.53452.95441e5b-8256-4a75-9f77-690e0f3278e1.f619bfce-829d-416d-99a4-ceecc80a5882.f72b4c87-8dd8-4f25-85cb-5a8e342ea9cd
https://store-images.s-microsoft.com/image/apps.60545.95441e5b-8256-4a75-9f77-690e0f3278e1.f619bfce-829d-416d-99a4-ceecc80a5882.5d7ed548-0ad4-40ff-875e-55be152727e9