Dashboard

Dashboard, provides a general and holistic view of security posture about scanned Active Directory Forests based on different perspectives.

Risk Pane

This Risk Pane summarizes key risk metrics from the scan, including the overall Risk and Exposure Scores, Dangerous Paths, Stealth Admins, and severity levels (Critical to Info). It also breaks down risks by MITRE ATT&CK Tactics (e.g., Persistence, Privilege Escalation), Tags (e.g., Privilege Management, Account Security), Impacts (e.g., Credential Theft, NTLM Relay), and Entity Types (e.g., Domain, User, GPO). This layout helps quickly pinpoint high-risk areas and prioritize actions.

Risk Score, Exposure Score, Dangerous Path Count, Stealth Admins,and Severities

Risk Score: Risk score is the main identifier of the current security status of the Active Directory. It is calculated according to the severity and count of the Issues. If the risk score is 100, there is at least one Issue that causes total Active Directory compromise.

Exposure Score: A metric reflecting the level of exposure within the Active Directory based on discovered vulnerabilities and misconfigurations.

Dangerous Path Count: Dangerous Path Count indicates the attack path count that can lead to the compromise of Admin objects by Unprivileged objects.

Stealth Admins: The count of admin accounts with elevated permissions that are hard to detect, posing a security risk.

Critical: The number of Issues with Critical severity.

High: The number of Issues with High severity.

Medium: The number of Issues with Medium severity.

Low: The number of Issues with Low severity.

Info: The number of Issues with Info severity.

Risk Breakdown by MITRE ATT&CK Tactics

Risk scores based on MITRE ATT&CK Tactics mapping.

Risk Breakdown by Tags, Impacts and Entity Types

Risk Breakdown by Tags: Risk scores based on Tags.

Risk Breakdown by Impacts: Risk scores based on Impacts.

Risk Breakdown by Entity Types: Risk scores based on Entity Types.

Entity Pane

Entity Pane, contains different statistics by object types for the selected scan. This area can be useful to view identity-related statistics from both security and management perspectives. The result of these statistics can be seen with Search & Reports interface with just one click.

Risky Admins: Admins with elevated privileges that pose security risks due to weak credentials, over-permissioning, or suspicious activity.

Stealth Admins: Admins with hidden or hard-to-detect privileges, increasing the risk of unnoticed misuse.

Users Table

Computers Table

Groups Table

Group Policy Objects Table

Computer OS Breakdown: Distribution of computer objects by their operating system.

Top Risky Admins: Top 5 admin user accounts according to their risk scores.

Top Stealth Admins : Top 5 stealth admin user accounts according to their risk scores.