Quest Security Guardian comes with the following pre-defined Discoveries for Active Directory vulnerabilities.
|
|
NOTE: "System" displays in the Created By field of the Discoveries list when a Discovery type is pre-defined. |
| Discovery Type | Description |
|---|---|
| Credential Access | Techniques deployed by adversaries on systems and networks to steal usernames and credentials for re-use. |
| Defense Evasion | Techniques used by adversaries to avoid detection. Evasion techniques include hiding malicious code within trusted processes and folders, encrypting or obfuscating adversary code, or disabling security software. |
| Discovery | Techniques used by adversaries to obtain information about systems and networks that they are looking to exploit or use for their tactical advantage. |
| Initial Access | Techniques used by adversaries to obtain a foothold within a network, such as targeted spear-phishing, exploiting vulnerabilities or configuration weaknesses in public-facing systems. |
| Lateral Movement | Techniques that allow adversaries to move from one system to another within a network. |
| Persistence | Techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. |
| Privilege Escalation | Techniques used by adversaries to gain higher-level privileges on a system, such as local administrator or root. |
| Reconnaissance | Techniques used by adversaries to gain a thorough understanding and complete mapping of your environment for later use. |