Do you check your AD security with PingCastle?

Updated by Brady Stroud [SSW] 1 year ago. See history

123
"Active directory is quickly becoming a critical failure point in any big sized company, as it is both complex and costly to secure..." - PingCastle

PingCastle is an Active Directory auditing tool. It checks your accounts, computers and configuration in AD and gives you a great report on things that should be addressed. It is a tool that should be run periodically - every 3-6 months - to keep AD secure. PingCastle is easy to install and run - see their documentation for more information. It is free to use in your own environment, or there are paid versions for MSPs and larger enterprises.

❌ Figure: ![Bad example - The PingCastle report shows there is a lot of work ahead](/uploads/rules/check-ad-security-with-pingcastle/pingcastle.png)

Once you have run it, you get a great report on your Active Directory security health, with detailed recommendations of what you need to fix.

Image

Figure: Example item from PingCastle, with detailed description and solution

Categories

Rules to Better Active Directory
acknowledgements
related rules