Quest Security Guardian comes with the following pre-defined Discoveries for Active Directory vulnerabilities.

NOTE: "System" displays in the Created By field of the Discoveries list when a Discovery type is pre-defined.

| Discovery Type | Description |
| --- | --- |
| Credential Access | Techniques deployed by adversaries on systems and networks to steal usernames and credentials for re-use. |
| Defense Evasion | Techniques used by adversaries to avoid detection. Evasion techniques include hiding malicious code within trusted processes and folders, encrypting or obfuscating adversary code, or disabling security software. |
| Discovery | Techniques used by adversaries to obtain information about systems and networks that they are looking to exploit or use for their tactical advantage. |
| Initial Access | Techniques used by adversaries to obtain a foothold within a network, such as targeted spear-phishing, exploiting vulnerabilities or configuration weaknesses in public-facing systems. |
| Lateral Movement | Techniques that allow adversaries to move from one system to another within a network. |
| Persistence | Techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. |
| Privilege Escalation | Techniques used by adversaries to gain higher-level privileges on a system, such as local administrator or root. |
| Reconnaissance | Techniques used by adversaries to gain a thorough understanding and complete mapping of your environment for later use. |

Additional permission required for specific vulnerabilities

In addition to the permissions required for the hybrid agent, the service account (which the Collect Active Directory object data action uses) must be a member of the Domain Admins group for the following pre-defined vulnerabilities and any vulnerabilities created using the same template.

For the vulnerability gMSA root key access, the account must be a member of the Domain Admins or Enterprise Admins group.

If the required permission is not granted, Assessment results for these vulnerabilities will return as Inconclusive.