Quest Security Guardian comes with the following pre-defined Discoveries for Entra ID vulnerabilities.
|
NOTE: "System" displays in the Created By field of the Discoveries list when a Discovery type is pre-defined. |
Discovery Type | Description |
---|---|
Entra ID Credential Access | Techniques deployed by adversaries on systems and networks to steal usernames and credentials for re-use. |
Entra ID Discovery | Techniques used by adversaries to obtain information about systems and networks that they are looking to exploit or use for their tactical advantage. |
Entra ID Initial Access | Techniques used by adversaries to obtain a foothold within a network, such as targeted spear-phishing, exploiting vulnerabilities or configuration weaknesses in public-facing systems. |
Entra ID Persistence | Techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. |
Entra ID Privilege Escalation | Techniques used by adversaries to gain higher-level privileges on a system, such as local administrator or root. |
Assessments that Require a Premium License
The following Entra ID Discoveries require a Premium License. If the organization has a free license, results will return as Inconclusive.
-
Entra ID guest user accounts that are inactive
-
Entra ID Privileged accounts that are not secured by multi-factor authentication (MFA)