サポートと今すぐチャット
サポートとのチャット

Security Guardian Current - User Guide

Introducing Quest Security Guardian Using the Dashboard Security Guardian Inteligence Tier Zero Objects Shields Up Protection Privileged Objects Assessments Findings Security Settings Appendix - Security Guardian Indicator Details Appendix - Data Collection Details

Creating an Assessment

In addition to using the built-in Assessment provided by Quest, you can create your own Assessments based on available Discoveries.

To create an Assessment:

  1. From the All Assessments tab click Create.

  2. Select the Workload (Active Directory or Entra ID)

  3. Enter an Assessment Name and Description.

  4. If you want to Automatically add Discoveries as they are released by Quest, check this box.

    NOTE: If you check this box and all pre-defined Discoveries that are provided by Quest will be added to the Assessment as they become available.

  5. Click Select Discoveries to display a list of available Discoveries for the workload.

  6. Select each Discovery you want to add to the Assessment, then click Select.

  7. For Domains or Tenants (depending on the workload you selected), select the Active Directory domains or Entra ID tenants that you want to Run this Assessment for. Use the information in the following table for guidance.

    Option Steps to Complete
    Only selected domains
    OR
    Only selected tenants

    • Select Only selected domains or Only selected tenants from the drop-down.

    • Click Select Domains or Select Tenants and select each domain or tenant you want to add to the Assessment, then click Select.

    The selected domain(s) or tenant(s) will display in the list.

    All except selected domains OR
    All selected tenants

    • Select All except selected domains or All except selected tenants from the drop-down.

    • Click Exclude Domains or Exclude Tenants

    • Select the domain(s) or tenant(s) you want to exclude from the Assessment.

    • Click Exclude.

    Excluded domains or tenants will display in the list. However, when you view the Assessment, all domains or tenants will display and those that are excluded are identified in the Status column.

    All domains

    OR

    All tenants

    Select All domains or All tenants.

    All domains or tenants configured for your organization will display in the list.

  8. Click Save.

Viewing, Editing, and Deleting an Assessment

From the All Assessments list, you view Assessment details and summary information. You can also edit or delete a user-created Assessment.

NOTE: You cannot edit or delete a built-in Assessment, so the Edit and Delete options will be disabled.

To view an Assessment:

  • Click the Assessments link.

To edit a user-created Assessment:

  1. Either

    • ln the All Assessments list, select the Assessment that you want to edit.

      OR

    • Open the Assessment that you want to edit.

  2. Click Edit.

  3. Update the Assessment as needed.

  4. Click Save.

To delete a user-created Assessment:

NOTE: Currently, you can only delete one Assessment at a time

  1. Either

    • ln the All Assessments list, select the Assessment that you want to delete.

      OR

    • Open the Assessment that you want to delete.

  2. Click Delete. You will be prompted to confirm the deletion.

Viewing Assessment Summary Information

The Assessment Summary is an AI-generated report that analyzes your organization’s assessment data to identify patterns and provide a clear, high-level overview of results. The summary reflects the assessments you’ve selected and includes all related domains and tenants.

The report includes the following sections:

  • Summary Overview

  • Key Findings

  • Assessment Workload Details – including discovered objects and vulnerabilities

  • Affected Workloads

  • Violations by Vulnerability Type

  • Violations by Workload Type

  • Collection History

  • Assessment History

NOTE: The Summary Report is powered by AI and may display differently each time it is generated.

To view Assessment Summary information:

  1. From the left navigation menu, choose Security | Assessments.

  2. ln the All Assessments list, do one of the following:

    • Select the checkbox next to Active Directory Security Assessment and/or Entra ID Security Assessment, then click Assessment Summary.

      OR

    • Select the desired domain or tenant, then click Assessment Summary.

  3. Click the Technical Summary button to generate the report.

  4. You can ask questions about the results or request changes to the summary format. For example, “Can you tell me more about the AD vulnerabilities?” Type your question or instruction in the provided text box and click Send.

  5. Use the Print or Copy options to save or share the report.

 

Assessment Results

You can access the results of an Assessment from the All Assessments list.

NOTE: You can only view Assessment results for one Active Directory domain or Entra ID tenant at a time. If the Assessment was run on more than one, you can switch to a different domain or tenant from the drop-down in the upper right corner of the Results page for the Assessment.

To access results for a selected Assessment: 

  • Click the corresponding Active Directory domain name or Entra ID tenant name in the Link to Results column.

The Results page for the Assessment provides the following information:

 

Summary of Assessment Vulnerabilities

From here you can access a summary of the last run of the selected Assessment, including:

  • the date and time the vulnerabilities within the Assessment were Assessed on

  • the date and time the data used to assess the vulnerabilities was Collected on.

NOTE: These fields display the signed-in user's local date and time.

 

Of the total number of Evaluated Vulnerabilities, a graph depicts color-coded results, as described below.

With Vulnerable Objects (n)
Without Vulnerable Objects (n)

With Inconclusive Results (n)

 

Summary of Last 7 Days

The summary shows the following information for the past seven days that the Assessment was run:

n Assessments in compliance
n Assessments with vulnerable objects
n Vulnerabilities found

 

Assessment Summary

The summary will reflect the specific assessment and the domain and tenant results currently being viewed.

 

Evaluated Vulnerabilities

A list of evaluated vulnerabilities, which provides the following information:

  • Discovery Type in which the vulnerability is defined

  • Vulnerability name, which links to vulnerability-specific detail, including any objects the vulnerability was detected in.

  • Security Guardian Intelligence: Click the Security Guardian Intelligence icon next to the vulnerability to view a detailed summary, including recent trends, key highlights, recommended remediation steps, and suggested follow-up questions to support further investigation.

  • Date and time when the vulnerability was Last Detected

    NOTE: This field displays the signed-in user's local date and time.

  • Number of Vulnerable Objects found

    NOTE: icon indicates that an error occurred while the vulnerability was being evaluated.

  • Number of Inconclusive results

  • Created by either:

    • System (for pre-defined Discoveries and Vulnerabilities)

    • User (for user-created Discoveries and Vulnerabilities)

  • a graphical representation of the 7 Day Trend for the Vulnerability

    TIP: Hover over the line graph to see the number of vulnerabilities (if any) detected per day.

 

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択