- Who can reset my (as in your) Active Directory account's password?
- Who can reset an executive's Active Directory account's password?
- Who can reset an Active Directory privileged account's password?
- Who can change the Domain Admins security group's membership?
- Who can change security permissions on the AdminSDHolder object?
- Who can create an Active Directory account in the Users container?
- Who can link a group policy (GPO) to the Domain Controllers OU?
- Who can enable a disabled Active Directory account?
The official blog of Paramount Defenses, the world's #1 cyber security company in Privileged Access Audit and Active Directory Security.
Tuesday, February 2, 2021
Introducing Gold Finger Mini
Folks,
As CEO of Paramount Defenses and as former Microsoft Program Manager for Active Directory Security, it is my privilege and pleasure to introduce Gold Finger Mini, possibly the world's most powerful and capable cyber security solution -
Gold Finger Mini is the world's only cyber security solution (other than Gold Finger) that can accurately and instantly find out and reveal exactly who has sufficient privileged access in Active Directory so as to be able to perform the most critical administrative tasks in an Active Directory environment, the enactment of which could result in an Active Directory breach.
Unrivaled Privileged Access Insight
Gold Finger Mini is simply the world's only solution that can instantly and accurately determine and reveal exactly -
You may know that anyone who can enact any privileged task in red above could instantly compromise Active Directory.
However, what you may not know is that, contrary to popular belief, it is very difficult to accurately find out who can enact these privileged tasks in Active Directory, because to do so, one needs to determine Active Directory effective permissions.
Gold Finger Mini is simply the world's only cyber security solution (other than Gold Finger) that can accurately determine effective permissions in Active Directory and accurately make these paramount determinations, at the touch of a button, so now everyone can instantly find out exactly who has some of the most powerful privileged access in any Active Directory.
Instant High-Value Intelligence
As you know, such critical information can be very valuable if you're performing an Active Directory Privileged Access Audit or an Active Directory Security Assessment or if you're trying to pen-test/ethically hack an organization's Active Directory.
If you could find out exactly who can change the membership of the Domain Admins security group in Active Directory, or who can reset the password of any domain admin account, or who can modify the ACL protecting the AdminSDHolder account, you'd be just one step away from being able to obtain Domain Admin level privileged access in an organization.
If you were on the defending side, you could instantly lock down privileged access in Active Directory to remove any and all such critical unauthorized access that could instantly result in a massive breach, and if you're on the attacking side, you could instantly identify the quickest and shortest privilege escalation path leading to Domain Admin in an organization.
With Gold Finger Mini, you can make these paramount determinations at the touch of a button, within seconds, without requiring any admin access or having to do complex Active Directory permissions analysis. One click and you're done!
The Advanced Level
That's not all. What I have described above is merely what one can do at Basic level. There is also an Advanced level for professionals and the information it delivers is the most advanced Active Directory privileged access insight one can gain.
I'll cover the Advanced level reports in a separate post because those reports are so powerful that the insights they reveal could be used to find out exactly who can enact what administrative tasks on almost any object in Active Directory, and that intel could easily be used to determine 1000s of privilege escalation paths to almost every object in Active Directory.
The Free Edition
Gold Finger Mini is available in two licensable (paid) editions and one free edition. In days to come, we will share details about the paid editions of Gold Finger Mini. Today, I just wanted to share this much with you, and let you know the power of Gold Finger is now available to everyone in Gold Finger Mini, and the free edition is now available on our website.
The free edition is 100% free, instantly downloadable and can be installed on any domain-joined machine in a minute.
Press Release
To summarize, Gold Finger Mini democratizes the unique, high-value, unrivaled cyber security intelligence that our flagship Gold Finger tooling can deliver, and in doing so, it empowers thousands of organizations and millions of IT professionals worldwide to easily, cost-effectively and instantly obtain mission-critical Active Directory privileged access insights.
For more info, and to download the free version, please visit - www.paramountdefenses.com/products/goldfinger-mini
Best wishes,
Sanjay
PS: This is the announcement I had alluded to a few days ago, and if you haven't yet figured out how this one little thing could profoundly impact foundational cyber security worldwide, don't worry, in a few days you will have figured it out :-)
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment