You can create custom Discoveries based on pre-defined vulnerability templates.

NOTE: All of the available vulnerability templates are used in pre-defined Discoveries. You can refer to the Pre-defined Discoveries and Vulnerabilities for Active Directory and Entra ID sections for guidance when creating a new Discovery.

To create a Discovery:

  1. From the Discoveries list, click Create.

  2. Select a Workload (Active Directory or Entra ID).

  3. Enter a Discovery Type.

  4. Click Select Vulnerabilities to display a list of available vulnerability templates for the workload.

  5. Select each vulnerability template you want to add to the Discovery, then click Select.

  6. For each vulnerability added to the Discovery:

    1. Enter a Vulnerability Name.

    2. For Risk, enter the reason why the vulnerability is considered a risk. For Remediation, enter the recommendation for resolving the vulnerability.

      TIP: You can refer to Pre-defined Discoveries and Vulnerabilities for Active Directory and Entra ID for examples of Risk and Remediation text.

  7. If the vulnerability includes a Scope, specify the objects that you want the Assessment to evaluate. Use the information in the following table for guidance.

    NOTES:

    • If the Tier Zero or Privileged objects checkbox is selected, all applicable Tier Zero or Privileged objects, both those collected from the provider (Security Guardian or BloodHound Enterprise) and any that were manually created, will be included in or excluded from the scope, depending on which option you select.

    • If a vulnerability pertains to a specific object or set of objects, the Scope section will be hidden. For example, if the vulnerability pertains to users, only Tier Zero users will be included. If the vulnerability pertains to a specific AD group, such as Built-In administrators, only that group will be included.

    | Scope selection | Description |
    | --- | --- |
    | All {objects} | All objects in the workload that are the applicable object type, including both Tier Zero/Privileged and non-Tier Zero/Non-Privileged objects. |
    | Select {objects} | Only the objects you specify based on your selection criteria will be included. When finished, click Add Object to add the object(s) to the Selected {Object}s list. If you want to exclude individual objects within your selection (for example, you selected an AD group but want to exclude individual members from the scope), click Add Exceptions and enter the object(s) as you would if you were adding objects. |
    | All Except Selected {objects} | Only the objects you specify based on your selection criteria will be excluded from the scope. You can add multiple objects, separated by semicolons. When finished, click Add Object to add the object(s) to the Selected {Object}s list. |

  8. Click Save.