Security Guardian Intelligence
Security Guardian Intelligence can answer questions and provide a quick summary of your environment, including workload Assessments and vulnerabilities, Findings, and recommendations for fixing issues.
Security Guardian Intelligence can be accessed from numerous areas within Security Guardian to help provide information on your organization.
Using Security Guardian Intelligence and Findings
Security Guardian Intelligence can quickly answer your questions and provide a high-level overview of your environment, including identified Findings and recommended actions to resolve issues.
NOTE:
- Before you can access the Security Guardian Intelligence assistance, you need to read and accept the AI Terms of Use.
- You can also click the Security Guardian Intelligence icon next to a user account to view a review of the account and ask questions.
To access Security Guardian Intelligence from findings:
- From the left navigation menu, choose Security | Findings.
- Select a Finding and click the Security Guardian Intelligence tab.
- You can enter your question directly or select from the following to get started.
  - Summary offers a concise overview of a specific Finding, including an explanation, the affected objects, real-world examples of similar issues, and suggested follow-up questions to guide further investigation.
  - Related Findings highlights other active Findings that are connected by object-type or potential attack paths, helping you understand broader security implications and offering additional follow-up questions.
  - Additional Information provides a detailed risk overview, including severity levels, affected objects, potential security threats, real-world exploit incidents, and a security risk review, along with relevant follow-up questions.
  - Remediation outlines recommended remediation steps, including detailed instructions, and follow-up questions to support implementation.
Using Security Guardian Intelligence and Assessments
Security Guardian Intelligence helps you ask focused questions tailored to your environment, providing valuable insights into the security posture of your organization’s Active Directory and Entra ID systems. It highlights critical vulnerabilities and issues identified during assessments and offers practical recommendations for remediation. You can choose to view a high-level summary across all your organizations or dive into detailed findings for specific domains or tenants.
NOTE:
- Before you can access the Security Guardian Intelligence assistance, you need to read and accept the AI Terms of Use.
- To refresh the Security Guardian Intelligence content in the flyout, click the AI Icon next to the Active Directory domain name or Entra ID tenant name.
To access Security Guardian Intelligence for Assessments:
- From the left navigation menu, choose Security | Assessments.
- Select the Security Guardian Intelligence button or the icon in the Results column.
- Select one of the following to access more information:
  - Type your question.
  - Click Summary to view an overview of all Active Directory and Entra ID assessments.
  - Click the Security Guardian Intelligence icon next to the Active Directory domain or Entra ID tenant to view only the associated Assessment summary information.
- Review the provided information and delve deeper into the issue if needed.
The summary information includes:
- The analyzed workload, including the number of issues found and the total objects collected for the Assessment.
- Security Posture Summary.
- Top vulnerabilities identified.
- Suggested follow-up questions to guide further investigation.
Tier Zero Objects
Tier Zero objects are the most critical assets within an organization's Active Directory. Within the Microsoft enterprise access model, Tier Zero objects in Active Directory include accounts, groups, and other assets that have direct or indirect administrative control of AD and the assets within it.
Currently, Security Guardian supports the following Tier Zero object types:
- Domains
- Computers
- Groups
- Group Policies
- Users
The Tier Zero provider (Security Guardian or BloodHound Enterprise) identifies Tier Zero objects within the organization's Active Directory domain(s). These objects are then collected by and displayed in Security Guardian.
You can also add Tier Zero objects to Security Guardian manually.