"We are very pleased to see Paramount Defenses, a valued Microsoft partner, offer an innovative security solution (in Gold Finger) that helps enhance security and compliance in Active Directory environments."
– Charles Coats, Senior Product Manager,
Identity and Security Business Group
Organizations worldwide have a need to be able to audit the contents and state of their foundational Active Directory deployments to maintain security and demonstrate regulatory compliance.
Our Gold Finger Active Directory Security Audit Tool was designed to empower organizations fulfill this exact need.
It can instantly, accurately and trustworthily audit –
All domain user accounts (e.g. active, inactive, locked, expired, custom LDAP filtered, administrative)
All domain computer accounts (e.g. DCs, active, inactive, operating system, trusted for delegation)
All domain security groups (e.g. builtin, domain local, global, universal, empty, administrative)
All organizational Units (OUs), service connection points, print-queues, contacts, quotas etc.
True last-logon times for all domain user and computer accounts, and the authenticating DC
In fact, only Gold Finger is designed by former Microsoft Program Manager for Active Directory Security, endorsed by Microsoft and trusted by the world's top organizations. It is the world's most capable, valuable and trustworthy Active Directory Audit Tool.
Gold Finger embodies innovative features designed to help organizations effortlessly perform Active Directory Security Audits –
Custom LDAP Filters – Customize any built-in report by specifying an LDAP filter of your choice (e.g. (title=C*O))
LDAP Filter Library – Define and use a custom LDAP filter library to easily generate a repeatable set of audit reports
Scope and Depth Control – Target any scope (domain, OU, container etc.) and optionally restrict scope up to 10 levels
DC Specific Analysis and Alternate Credential Use – Target any Domain Controller, as well as use alternate credentials
True Last Logon Reports – Generate 9 True Last-logon reports based on non-replicated lastLogon attribute from all DCs
Last Logon DC Identification – Identify the DC that authenticated the actual last logon of any user or computer account
Data Exports – Instantly export data from Active Directory (domain, OU etc.), including based on custom LDAP filters
Professional-grade PDF Report Generation – Generate fully customizable, ready-to-furnish professional-grade PDF reports
PDF Report Customization – Customize the heading, description and fields of PDF reports, and add an organizational logo
The following are some real-world examples that illustrate the capabilities of our Gold Finger Active Directory Security Audit Tool –
Identify all domain user accounts in Active Directory, including their state, status (active/stale) and last-logon times.
List all domain computer accounts in Active Directory, including their operating system, status and DNS name.
Enumerate all domain security groups in Active Directory, including their type and other details.
Enumerate the entire contents (accounts, groups etc.) of any Organizational Unit (OU) in Active Directory.
Identify all accounts and groups that are considered/marked as administrative by Active Directory.
Enumerate the list of all active and inactive domain user accounts (based on True Last Logon ).
Identify all computer accounts that are trusted for unconstrained delegation in Active Directory.
Identify all accounts based on a specific criteria such as a combined value of Title and a custom defined attribute Division.
View the details of the CEO's domain user account, easily export them to a CSV file, or generate a professional-grade PDF report.
Generate a professional-grade audit report in PDF format that lists all Active Directory user accounts, including their state and status.
Benefits and Solutions
Our Gold Finger Active Directory Security Audit Tool delivers the following valuable and measurable benefits –
Instantly, easily and trustworthily perform a complete or custom inventory of Active Directory content.
Easily audit, export and document the state, status and settings of any, some or all resources stored in Active Directory.
Efficiently, cost-effectively and trustworthily fulfill all basic and essential Active Directory security audit requirements.
Easily gain valuable visibility into vital Active Directory content and perform an Active Directory recon without admin rights.
Effortlessly generate Active Directory security audit reports to fulfill regulatory compliance and cyber security reporting needs.
Obtain 365-24-7, on-demand, real-time insight into the security state of all vital IT resources and content stored in Active Directory.
In addition, Gold Finger also helps organizations implement 5 essential cyber security solutions for –
1. Active Directory Security
3. Attack Surface Reduction
5. Audit and Compliance
2. Privileged Access Audit
4. Insider Threat Protection
As such, only Gold Finger's unique capabilities empower organizations worldwide to fulfill all their Active Directory audit (i.e. security, membership, permissions, effective permissions/access and effective privileged access audit) needs.
The tool can be instantly downloaded, installed and run on any Windows computer in under 2 minutes. Its use does not require any admin privileges or any changes to Active Directory. See FAQ.
The tool can be licensed on a short-term (weekly, monthly, quarterly) as well as a long-term (annual) basis. Short-term licenses are ideal for independent consultants and small projects and long-term licenses are ideal for long-term organizational use. A 1-week, 1-user license for use in 1 domain starts at just US $99 and can be instantly purchased by clicking the Buy Now button below.
"We use the Gold Finger from Paramount Defenses to fulfill our Active Directory Audit needs. It saves us a lot of time and effort and we would recommend it to anyone who needs to perform Active Directory audits trustworthily and cost-effectively. Great product, great support."