立即与支持人员聊天
与支持团队交流

Security Guardian Current - Release Notes

Release Notes

Quest® Security Guardian

October 10, 2024

 

These release notes provide information about Quest® Security Guardian deployments.

Quest® Security Guardian is an integrated On Demand solution that helps you keep the Active Directory domain(s) and Entra ID tenants in your organization secure.

You can:

  • Identify Tier Zero objects in Active Directory and Privileged objects in Entra ID.

  • Certify that objects are indeed Tier Zero or Privileged and, when Quest Change Auditor version 7.4 is integrated, protect Tier Zero against unauthorized or accidental modification or deletion.

  • Run pre-defined Security Assessments to identify vulnerabilities in Active Directory and Entra ID and create your own Assessments.

  • Investigate Findings for Tier Zero and Privileged objects, vulnerabilities identified through Assessments, and Critical Activity from On Demand Audit.

  • Have Findings forwarded to a SIEM tool and alerts sent to selected email recipients.

 

New Features

 

The following Active Directory vulnerabilities have been added to Discoveries:

  • Credential Access:

    • Domain trust without Kerberos AES encryption enabled

    • Kerberos KRBTGT account password has not changed recently
  • Privilege Escalation:

    • Non-Tier Zero account can use a misconfigured certificate template to impersonate any user

    • Suspicious ESX Admins group detected in domain

July 17, 2024

You can export the complete Tier Zero objects list to a csv file, for sharing with stakeholder and security assessment engagements.

 

July 02, 2024

The terminology for Indicator and Finding types has changed to better align with industry standards.

 

March 26, 2024

A Data Collections page has been added to Security Settings, which allows you to monitor Active Directory data collections within your organization. You can also:

  • manually run a data collection

  • disable data collections that you no longer want to run.

 

Enhancements

 

Enhancement Issue ID
MITRE ATT&CK TTPs have been added to Hygiene and Detected Indicators Findings Investigation pages. 494070
The reason(s) why an object is considered Tier Zero is displayed in object details and the Findings Investigation page for the object. 479695
In Assessment results for vulnerable computer and user objects, a column has been added to indicate whether the object is enabled or disabled. 481991

 

August 15, 2024

Enhancement Issue ID
To prevent system overload from exceptionally large data sets, a maximum of 100,000 objects will be displayed in the Assessment Results Vulnerable Objects list. 502873

August 1, 2024

Enhancement Issue ID
To simplify the user experience, Am I Exposed? no longer displays on the Findings Investigation page. 465773

Known Issues

The following is a list of issues, including those attributed to third-party products, known to exist at the time of release.

Assessment known issues
Known Issue Issue ID

Due to the complexity of the query, an Assessment can evaluate a maximum of 10,000 Tier Zero objects for a vulnerability. If this limit is surpassed, results will be marked as Inconclusive with the following message:

Syntax error: Query length (2162372) too large (max: 2097152)

497529
自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级