Viewing Assessment Summary Information
The Assessment Summary is an AI-generated report that analyzes your organization’s assessment data to identify patterns and provide a clear, high-level overview of results. The summary reflects the assessments you’ve selected and includes all related domains and tenants.
The report includes the following sections:
-
Key Findings
-
Assessment Workload Details – including discovered objects and vulnerabilities
-
Affected Workloads
-
Violations by Vulnerability Type
-
Violations by Workload Type
-
Collection History
-
Assessment History
|
|
NOTE: The Summary Report is powered by AI and may display differently each time it is generated. |
To view Assessment Summary information:
-
From the left navigation menu, choose Security | Assessments.
-
ln the All Assessments list, do one of the following:
-
Select the checkbox next to Active Directory Security Assessment and/or Entra ID Security Assessment, then click Assessment Summary.
OR
-
Select the desired domain or tenant, then click Assessment Summary.
-
Click the Technical Summary button to generate the report.
-
You can ask questions about the results or request changes to the summary format. For example, “Can you tell me more about the AD vulnerabilities?” Type your question or instruction in the provided text box and click Send.
-
Use the Print or Copy options to save or share the report.
Assessment Results
You can access the results of an Assessment from the All Assessments list.
|
|
NOTE: You can only view Assessment results for one Active Directory domain or Entra ID tenant at a time. If the Assessment was run on more than one, you can switch to a different domain or tenant from the drop-down in the upper right corner of the Results page for the Assessment. |
To access results for a selected Assessment:
The Results page for the Assessment provides the following information:
Summary of Assessment Vulnerabilities
From here you can access a summary of the last run of the selected Assessment, including:
NOTE: These fields display the signed-in user's local date and time.
Of the total number of Evaluated Vulnerabilities, a graph depicts color-coded results, as described below.
Summary of Last 7 Days
The summary shows the following information for the past seven days that the Assessment was run:
| n |
 |
Assessments in compliance |
| n |
 |
Assessments with vulnerable objects |
| n |
 |
Vulnerabilities found |
Assessment Summary
The summary will reflect the specific assessment and the domain and tenant results currently being viewed.
Evaluated Vulnerabilities
A list of evaluated vulnerabilities, which provides the following information:
-
Discovery Type in which the vulnerability is defined
-
Vulnerability name, which links to vulnerability-specific detail, including any objects the vulnerability was detected in.
-
Security Guardian Intelligence: Click the Security Guardian Intelligence icon next to the vulnerability to view a detailed summary, including recent trends, key highlights, recommended remediation steps, and suggested follow-up questions to support further investigation.
-
Date and time when the vulnerability was Last Detected
|
|
NOTE: This field displays the signed-in user's local date and time. |
-
Number of Vulnerable Objects found
|
|
NOTE: A  icon indicates that an error occurred while the vulnerability was being evaluated. |
-
Number of Inconclusive results
- Created by either:
-
a graphical representation of the 7 Day Trend for the Vulnerability
|
|
TIP: Hover over the line graph to see the number of vulnerabilities (if any) detected per day. |
Viewing Details for an Assessed Vulnerability
When you select a Vulnerability from an Assessment's Results page, detail about the assessed vulnerability is displayed.
The left side of the page includes detailed information about the vulnerability as defined in the Discovery.
7 Day Assessment Trend
A graph depicts color-coded results over the past 7 days that the Assessment was run, as described below.
|
|
TIPS:
-
Select the Security Guardian Intelligence icon to review a summary of the vulnerability, including vulnerability trends, summary of key points, recommended remediation steps, and follow-up questions to support implementation.
-
You can click individual states in State Filtering so that only the states you want to focus on are displayed in the graph. (The Compliant Objects state is always hidden by default.)
-
Hover over the graph to display the number of vulnerable objects (if any) detected per day.
-
Click on an area of the graph to display details about that Assessment run in the list below. |
 |
Compliant objects |
 |
Vulnerable objects |
 |
Error
|
|
NOTE: An Error state indicates that an error occurred during data collection (for example, the server containing the objects to be evaluated could not be reached).
If an error occurred, the appropriate message displays. | |
 |
Inconclusive
|
|
NOTE: An Inconclusive state indicates that data could not be collected for a non-error-related reason. The reason may be:
-
The scope of an Assessment includes Tier Zero or Privileged objects but no Tier Zero or Privileged objects were found.
-
An Assessment involves both Active Directory and Entra Id workloads, but both are not configured.
-
The number of Tier Zero or Privileged objects exceeded the maximum number (10,000) that could be evaluated,
-
Permissions were insufficient to collect the data.
-
The Assessment requires a Premium license, but the Organization has a free license.
If results were inconclusive for individual objects, hover over the  icon for a description of the reason. | |
Below the graph is a list of the Vulnerable Objects (up to 100,000) found out of the total number of Assessed Objects for the selected area of the graph.
|
|
NOTES:
-
If a group is identified as vulnerable, all of the members of that group (including via nested groups) are included in the Vulnerable Objects total. Click the link to view the list of the affected objects.
-
If more than 100,000 vulnerable objects are returned, it is advisable to investigate why so many objects are found to be vulnerable. For example, all users may have been added to a group they don't belong in.
-
For User and Computer vulnerabilities, the column Is Account Enabled? is included, allowing you to prioritize enabled accounts when implementing a remediation.
-
For certain vulnerabilities, you can click the Principal Name or Display Name link to view detailed information about the object. This may include object properties, any affected Tier Zero objects, and group members (for group objects only). |
To download the Vulnerable Objects list to a CSV file:
The file will include all of the objects displayed in the Vulnerable Objects list.
Discoveries and Vulnerabilities
Discoveries are evaluated by Assessments to identify vulnerabilities in your organization's Active Directory and/or Entra ID. Security Guardian comes with several pre-defined Discoveries for Active Directory and Entra ID, and you can also create your own Discoveries.
