Free Active Directory Privileged Access Assessment
We offer a free Active Directory Privileged Access Assessment service to help organizations find out how many users have privileged access in Active Directory.
Active Directory is the foundation of IT and cyber security, and the heart of privileged access at most organizations worldwide,
thus the need to know exactly how many users have privileged access in an organization's Active Directory is paramount.
A Unique Free Service
Our unique Active Directory Privileged Access Assessment service is completely free* and designed to help organizations easily and instantly identify how many users have privileged access in their Active Directory today.
Specifically, it enables organizations to instantly identify exactly how many users can -
Create, manage and delete identities (user accounts) in Active Directory
Create, manage and delete security groups in Active Directory
Create, manage and delete OUs in Active Directory
Replicate secrets from Active Directory
Change access in Active Directory
For a complete list of insights, please see Paramount Active Directory Privileged Access Insights below.
* There is absolutely no charge for the service, and no obligation. For details, see FAQ below.
Paramount Active Directory Privileged Access Insights
This service helps organizations identify exactly -
- How many users can replicate secrets (password hashes) from Active Directory?
- How many users can modify the ACL protecting the domain-root and AdminSDHolder objects?
- How many users can create, manage and delete accounts, security groups and OUs in Active Directory?
- How many users can modify the ACLs protecting accounts, security groups and OUs in Active Directory?
- How many users can change the membership of any/all domain security groups in Active Directory?
- How many users can link a malicious GPO to any/all OUs in Active Directory to unleash ransomware?
- How many users can reset the passwords of any/all regular and privileged user accounts in Active Directory?
- How many users can disable the use of Smartcards for interactive logon on user accounts in Active Directory?
- How many users can change unrestricted/delegated privileged access currently provisioned in Active Directory?
- How many users can compromise AD integrated apps/services (e.g. Azure Connect) by modifying AD contents?
Powered by Gold Finger
This unique free service is powered by our unique, unrivaled, Microsoft-endorsed Gold Finger tooling
and is remotely performed via online conferencing in collaboration with your organization's IT personnel.
Valuable Benefits
Perform an Active Directory Access Review
Assess Privileged Access in Active Directory
Assess Administrative Delegations in Active Directory
Identify Number of Privileged Users in Active Directory
Assess Attack Surface in Active Directory
A Limited Opportunity
At Paramount Defenses, we care deeply about the foundational cyber security of all organizations worldwide, and are happy to be able to offer this unique and valuable service free of cost to help organizations across the world.
Today, thousands of organizations in over a hundred and seventy countries worldwide operate on Active Directory (AD), and that makes it difficult for us to be able to offer this service to every single organization that may wish to avail of it.
We are thus happy to offer this service to the first one thousand (1000) organizations that request it, from each country, at our discretion, and capacity permitting, we will strive to accommodate all additional requests on a best-efforts basis.
Request a Free Assessment
To request a complimentary Active Directory Privileged Assess Assessment, please use the form below. Kindly note that we are fully committed for the remainder of 2024, and our service bookings will re-commence in January 2025.
Frequently Asked Questions
Q 1. Why is the service offered for free?
This service is offered for free to help organizations assess their current exposure to risks arising from the presence of excessive/unauthorized access in Active Directory e.g. Active Directory Privilege Escalation, and to help organizations learn how to correctly assess access in Active Directory.
Q 2. How is the service performed, and how long does it require?
This service is performed remotely via a scheduled online conference service (e.g. WebEx). The service usually requires no more than one hour of scheduled time.
Q 3. How is Paramount Defenses able to make such paramount (privileged access) determinations in such a short span of time?
Paramount Defenses personnel use our unique Microsoft-endorsed Gold Finger software to make these paramount determinations in your Active Directory domain.Gold Finger's fully-automated Active Directory access assessment capabilities can automatically accurately assess access on thousands of objects in minutes.
Q 4. What are the technical requirements for this service?
The only technical requirement is that Gold Finger and a custom license will need to be installed on a computer that has access to your Active Directory domain.To build and deliver your custom Gold Finger license, the domain DNS name of the Active Directory domain you wish to avail of this service in, will be required.
Q 5. Is any administrative/privileged access required for this service?
No administrative/privileged access in Active Directory is required to avail of this service. Anyone with a domain user account should be able to avail of this service. Local (machine-level) administrator access may be required to install Gold Finger and its license on the computer that will be used during the online conference.
Q 6. Will Paramount Defenses personnel have access to our Active Directory?
Paramount Defenses personnel will have no access to your Active Directory, except for visual read access during the performance of the service as the service is performed using remote control assistance in WebEx/Zoom, in collaboration with and under the supervision of your organization.
Q 7. How many times can an organization request this free service?
Most organizations worldwide can request and avail of this complimentary service one time. Paramount Defenses reserves the right to perform this service including the right to refuse to perform the service for security, operational or other reasons. The service is subject to the terms of the Gold Finger EULA.
Q 8. Can we get an idea of how this service works before requesting it?
Yes. You can do so by downloading and using the free version of our Gold Finger Mini tooling. Whilst Gold Finger Mini can assess access on individual objects, this service utilizes Gold Finger's fully-automated domain-wide access assessment capabilities, which can assess access on thousands of objects.
Q 9. Can we have multiple organizational personnel on the online conference call?
Yes. You can invite up to twenty organizational personnel to the online conference call via which the service is delivered, such as your Domain Admins, Enterprise Admins, IT Directors, IT Auditors, Security Compliance Personnel, Cyber Security Managers and/or your Chief Information Security Officer (CISO).
Q 10. I have more questions. Can I speak to someone regarding this service?
Yes. You can call us at (001)-949-468-5770 during normal business hours (U.S. Pacific Time), or have us contact you.
Our Global Customers