Chat now with support
Chat mit Support

Security Guardian Current - User Guide

Introducing Quest Security Guardian Using the Dashboard Security Guardian Inteligence Tier Zero Objects Shields Up Protection Privileged Objects Assessments Findings Security Settings Appendix - Security Guardian Indicator Details Appendix - Data Collection Details

Assessments

Assessments are a set of Discoveries that are evaluated against collected data to identify vulnerabilities in your organization's Active Directory domains and Entra ID tenants. They run automatically once added, and then run periodically, depending on how often data is collected. This allows you to identify which objects within scope contain vulnerabilities that require further investigation and remediation.

To access Assessments functionality:

From the left navigation menu, choose Security | Assessments.

First Assessment Notification Email

If email is configured for Security Guardian, after the first Assessment is completed for the organization, a notification email is sent which includes the total number of the following:

  • Findings without vulnerable objects

  • Findings with vulnerable objects

  • Findings with inconclusive results

  • Findings that returned an error

NOTE: This notification applies only for the first Assessment that is completed for an organization. If email is configured after the first Assessment has run, a notification will not be sent. Subsequent emails will be sent advising that the Assessment has been completed and vulnerable objects have grown in scope.

 

Built-in Assessments

Security Guardian includes built-in Security Assessments for Active Directory and/or Entra ID. They contain all pre-defined Discoveries provided by Quest and are run on all domains and/or tenants configured in On Demand for your organization.

NOTE: If no domains or tenants are configured for data collection, the status message Configuration Required will display in the All Assessments list.

Pre-defined Discoveries are added automatically to Assessments as they are released by Quest.

NOTE: Built-in Assessments cannot be edited or deleted.

All Assessments List

 

The All Assessments tab displays a list of all Assessments (both built-in and user-created) for the organization along with the following information for each:

  • Assessment name (with a link to Assessment Details)

  • Active Directory domain or Entra ID tenant containing the assessed objects (with the option to Link to Results)

  • Security Guardian Intelligence: Access Security Guardian Intelligence by clicking the icon next to the Active Directory domain or Entra ID tenant in the Link to Results column. See Using Security Guardian Intelligence and Assessments.

  • Assessment Summary: The Assessment Summary is an AI-generated report that provides insights and a high-level overview of assessment results across your organization. See Viewing Assessment Summary Information.

  • Workload (Active Directory or Entra ID)

  • Created By either:

  • Status of the Assessment:

    Configuration Required

    NOTE: This status is used to indicate the absence of an Active Directory domain or Entra ID tenant in On Demand for the organization. This may be because:

    • A domain or tenant has not yet been added to On Demand, which will prevent the built-in Assessment from running.

    • The domain or tenant selected for the Assessment has since been removed from On Demand.

    • When the Assessment was created, all available domains or tenants were excluded.

    Agent Required (See Configuring Additional Components -Hybrid Agent)
    No Data Collected
    No Vulnerabilities Found
    n Vulnerabilities Found

  • Date and time when data was Last Collected

    NOTE: This field displays the signed-in user's local date and time.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen