The Security Guardian dashboard displays a visual summary of the current security status of your organization's Active Directory and Entra ID.
To access the Security Guardian dashboard:
From the On Demand left navigation menu, choose Security | Dashboard. The dashboard contains tiles for each of the following components:
- Uncertified Tier Zero Objects (from Active Directory)
- Uncertified Privileged Objects (from Entra ID)
- Active Directory Tier Zero certification summary
- Entra ID Privileged Objects certification summary
- Highest Severity Findings
- Active Hygiene and Active Detected
- Configuration Status
The Uncertified Tier Zero Objects and Uncertified Privileged Objects tiles:
-
display the last time the objects list was synchronized
-
list the last ten uncertified objects of each type that were added to Security Guardian (you can click View All for an object type to view the complete list for each workload)
NOTE: Objects that have been certified are excluded from the lists.
-
provide links that allow you to
- view object details (by clicking an object name)
-
NOTE: From within the Details view you can also certify the Tier Zero or Privileged object. Once an object is certified, it will no longer display in this tile.
- Investigate the Finding for the object
- add a new Tier Zero or Privileged object
- if BloodHound Enterprise is configured, log into BloodHound (if you have at least Read permissions) to open the Attack Paths page
-
NOTE: If Security Guardian is your provider, this link is hidden.
- view the Tier Zero Objects list or Privileged Objects list.
The Highest Severity Findings tile displays the top five active findings of the highest severity. Information includes:
- the Finding name
- when the Finding was Detected
- the Finding Type (Tier Zero, Privileged Object, Hygiene, Detected TTP, or Detected Anomaly)
- the Severity indicator (Critical, High, or Medium)
- a link that allows you to Investigate the Finding
The View All link at the bottom of the tile allows you to view the list of all active Findings for the organization.
The Active Directory Tier Zero Objects and Entra ID Privileged Objects tiles display graphical representations of the number of certified vs. uncertified objects.
The Active Hygiene and Active Detected tile shows the total number of Hygiene and Detected (TTP and Anomaly) Findings in the organization by severity level (Critical, High, and Medium).
From the Configuration Status tile you can configure additional components and view existing configurations.