EtcSecBeta
AD + Entra ID identity security — in minutes

Identity Security Audit — AD & Entra ID

How EtcSec audits identity across Active Directory and Microsoft Entra ID: 498 detectors, MITRE ATT&CK mapping, ANSSI / NIS2 / HDS compliance and a continuous remediation workflow.

498
Vulnerability Types
<5min
Analysis Time
Self-Hosted Collector
2
Platforms Covered

Three Simple Steps

1

Deploy the Collector

Run our lightweight Docker collector on your network. It connects securely to your identity provider via LDAP (AD), Graph API (Azure), or Admin SDK (Google Workspace).

2

Run the Audit

Connect to your collector from our web interface. The audit engine analyzes named detections for Active Directory and Entra ID with live progress tracking.

3

Get Actionable Report

Receive a prioritized list of vulnerabilities with remediation scripts and compliance mapping. Export as PDF for stakeholders or JSON for integration.

Security & Privacy First

The collector runs on your infrastructure — you control the deployment. In standalone mode, all data stays local. In SaaS mode, data is securely transmitted to the dashboard for analysis.

Self-Hosted Collector
Runs on your infrastructure
No Cloud Dependency
Works in air-gapped environments
Read-Only Access
Collector never modifies data

Comprehensive Security Coverage

498 unique detectors across Active Directory and Microsoft Entra ID

Active Directory

On-premises identity

340
Critical43 checks
High129 checks
Medium138 checks
Low18 checks
  • Password security (empty, plaintext, weak)
  • Kerberos attacks (AS-REP, Kerberoasting)
  • Delegation vulnerabilities
  • Privileged account review
  • ADCS certificate risks (ESC1-11)

Entra ID

Microsoft cloud identity

158
Critical24 checks
High68 checks
Medium57 checks
Low9 checks
  • Conditional Access policy gaps
  • MFA enforcement audit
  • PIM configuration review
  • Guest user analysis
  • App permissions review
  • Risky users & sign-ins

Aligned with industry frameworks

NISTGDPRMITRE ATT&CKCISANSSI

What you get in 5 minutes

Everything you need to walk into a GRC or security meeting with real numbers — not a 60-page PDF nobody will read.

Score out of 100

Weighted against 498 detectors — higher is safer. Track drift after every audit.

Ranked findings

Every weakness, sorted by severity and exploitability, with affected users / computers / groups.

MITRE ATT&CK mapping

Each finding tagged with the attacker tactic and technique so you can brief SOC or red team in plain language.

Remediation scripts

Copy-ready PowerShell and Graph snippets. Close the low-hanging fixes before the meeting ends.

Executive PDF

One-click export for audit files, compliance reviews or board readouts — no watermark.

Compliance mapping

ANSSI, NIS2, HDS, ISO 27001 mappings on every finding so your audit files fill themselves.

Frequently asked questions

What is an AD security audit?

A systematic review of your Active Directory or Entra ID tenant against known misconfigurations, privileged-access weaknesses, password policies, Kerberos attacks, ADCS issues and lateral-movement paths. EtcSec runs 498 checks across both directories in under 5 minutes.

How often should I audit Active Directory?

Continuously. The threat surface shifts with every new user, group, GPO or permission change. Most teams run a full audit weekly and a lightweight scan daily. EtcSec Premium automates the schedule.

Does this replace a pentest?

No. A pentest validates exploitability against a human attacker; an audit catches misconfigurations before they become the pentester's opening move. Use both — EtcSec feeds the pentest scope.

Is EtcSec aligned with ANSSI requirements?

Yes. Every finding is mapped to ANSSI PA-099 (v1.0, 2023), BP-039 and the ANSSI Hygiene Guide, plus NIS2, HDS, RGPD, CIS v8, NIST 800-53 and DISA STIG. You can export PDFs structured by framework.

What does the collector do?

It runs read-only LDAP and Graph queries, serializes the result into structured JSON, and uploads it over TLS. It never modifies AD or Entra. Source is on GitHub — audit it yourself.

Can I audit Entra ID only?

Yes. Point the trial or the collector at your tenant with a read-only Graph app and you get 158 Entra ID detectors covering Conditional Access, MFA, PIM, guest users, app permissions and risky sign-ins.

Where is my data stored?

Audit data is encrypted at rest in Postgres hosted in the EU. Credentials are encrypted in memory only — never written to disk. Trial data is purged after 7 days automatically.

Can I try EtcSec without signing up?

Yes — the free trial at /trial runs a full audit anonymously in under 2 minutes. No credit card, no email required. Sign up only if you want to keep the report past 7 days.

Which compliance frameworks are supported?

ANSSI (PA-099, BP-039, Hygiene Guide), NIS2, HDS, RGPD, CIS v8, NIST 800-53, DISA STIG. Each finding carries tags so you can filter by framework.

Can I export the results?

Yes — PDF for stakeholders, JSON for integration with SIEM/SOAR, CSV for spreadsheets. Trial exports are free; Premium accounts get unlimited and historical exports.

Identity Security Resources

Explore the identity security pages that support this topic

Explore detailed pages for Active Directory, Entra ID, ETC Collector deployment, and side-by-side product comparisons.

Standalone mode available • No credit card required • Results in minutes

Last updated · by the EtcSec security team

AltStyle によって変換されたページ (->オリジナル) /