Buy

Active Directory Permissions Analyzer

Perform powerful, comprehensive Active Directory permissions analysis, domain-wide, at a button's touch.

"We are very pleased to see Paramount Defenses, a valued Microsoft partner, offer an innovative security solution (in Gold Finger) that helps enhance security and compliance in Active Directory environments."

Charles Coates, Senior Product Manager      
Identity and Security Business Group

Microsoft Logo
Active Directory Permissions Analyzer

Active Directory Permissions Analyzer

Active Directory Expert

Overview

Organizations often need to be able to analyze security permissions provisioned in their foundational Active Directory deployments to manage access provisioned in Active Directory or to find glaring vulnerabilities in access provisioning.

Active Directory Permissions Analyzer is a specialized audit tool designed by former Microsoft Program Manager for Active Directory Security to help IT groups and personnel easily, instantly and trustworthily fulfill this need.

It automates Active Directory security permissions analysis by making it really easy for organizations to easily, instantly and comprehensively analyze who has what permissions, where and which ones, all at the touch of a button.

Features

Active Directory Permissions Analysis
Comprehensive Permissions Analysis

Comprehensively analyze Active Directory permissions domain-wide

Rich Permissions Analysis Criteria
Rich Permissions Analysis Criteria

Analyze based on Allow/Deny, Explicit/Inherited and any permission

Complete Schema Availability
Complete Schema Availability

Specify any default/custom Schema class, attribute or extended right

Security Principal Specific Analysis
Security Principal Specific Analysis

Find permissions granted to a specific domain user, computer or group

Full Customization and Data Analysis Exports
Full Customization and Data Analysis Exports

Customize analysis scope using LDAP filters, and export results

Technical Summary

Technical Summary

Active Directory Permissions Analyzer fully automates Active Directory permissions analysis by making it really easy for organizations to comprehensively analyze who has what permissions, where and which ones, as well as where all does a specific user or group have any permissions, to help identify vulnerabilities in Active Directory permissions.

Benefits
Effortlessly Analyze AD Permissions
Effortlessly Analyze AD Permissions

Perform powerful, comprehensive Active Directory permissions analysis

Perform Real-time Permissions Analysis
Perform Real-time Permissions Analysis

Perform real-time, domain-wide Active Directory permissions analysis

Analyze Permissions Using Any Criteria
Analyze Permissions Using Any Criteria

Analyze access by type, inheritance, permissions and security principals

Zero Requirements
Zero Requirements

Perform audits without requiring admin rights, agents or services

Peace of Mind
Peace of Mind

Have peace of mind knowing you're using a trustworthy tool made in USA

Example Reports

The following real-world examples illustrate the Active Directory Permissions Analyzer's capabilities -

  • Identify all security principals that have any permissions granted anywhere in the Corp domain.
  • Identify all security groups that have All Extended Rights granted anywhere in the Corp domain.
  • Identify all security principals that have Delete permissions granted on any OU in the Corp domain.
  • Find out if the Temporary Contractors group is granted any security permissions in the Headquarters OU.
  • Find out which users are explicitly granted the Create Child - User permission anywhere in the Headquarters OU.
  • Find out which security permissions, if any, are granted to a specific user, John Doe, anywhere in the Production OU.
  • Find out who has any kind of Deny permissions anywhere in the Corp domain, and whether they are Explicit or Inherited.
  • Identify all users that have the Reset Password extended right granted on any domain user accounts in the Executives OU.
  • Determine whether a specific user has Write Property - Member permissions on any privileged groups in the Corp domain.
  • Find out who has the Get Replication Changes and Get Replication Changes All extended rights on the domain root object.
We Care Deeply

Requirements and Licensing

Active Directory Permissions Analyzer can be instantly downloaded, installed and run on any Windows computer. Its use does not require any admin privileges, any changes to or any knowledge of Active Directory.

The tool is licensed on a subscription model, and can be licensed on a monthly, quarterly or annual basis.

"We use the Gold Finger from Paramount Defenses to fulfill our Active Directory Audit needs. It saves us a lot of time and effort and we would recommend it to anyone who needs to perform Active Directory audits trustworthily and cost-effectively. Great product, great support."

Sean Seeliger, Architect

Ask a Question

Ask a Question
Download Free Version

Download Free Version
Buy a License

Buy a License

Our Global Customers

  • Australian Government
  • United States Treasury
  • British Government
  • Government of Canada
  • British Petroleum
  • Ernst and Young
  • Saudi Arabian Monetary Agency
  • Juniper Networks
  • U.S. Department of Defense
  • Microsoft Corporation
  • United Nations
  • Quantium
  • Nestle
  • IBM Corporation
  • U.S. Federal Aviation Administration
  • Columbia University

Privileged Access Assessment Innovation

Privileged Access Assessment Innovation

Privileged Access Assessment Tooling

Privileged Access Assessment Tooling

Privileged Access Assessment Service

Privileged Access Assessment Service

Your Privacy

We use cookies to provide you the best online experience. Please let us know if you accept these cookies.