Even for modest size organizations AD is a complex lumbering giant that usually has accreted decades of permissions, objects, OU hierarchy and has been through mergers and acquisitions, reorganizations and different administrative teams and consultants. Without some good tooling there is no way to analyze AD down at the low-level details where vulnerabilities inevitably lurk.
I think you will love PingCastle. PingCastle is a free, open-source security auditing tool designed to quickly assess the posture of Active Directory (AD) environments. It automates a variety of checks—from basic health metrics to deep configuration and entitlement analyses—and produces human-readable HTML and XML reports so security teams can prioritize remediation and track improvements over time.
Something I find really significant is that PingCastle isn’t just a toolbox of disjointed reports—it codifies a structured assessment methodology that starts with baseline hygiene checks and progresses through advanced attack-path analysis. Every rule in its library maps to specific threat models and vulnerability patterns, and the built-in scoring engine assigns consistent risk levels to guide prioritization. By iterating scans, tuning severity thresholds, and benchmarking trends over time, PingCastle turns raw AD data into a repeatable, actionable security roadmap rather than a one-off status snapshot.
In this webinar I’ll introduce you to PingCastle and show:
- The methodology behind PingCastle’s health check scoring and risk-level assessment
- Techniques for mapping complex domain and forest trusts, including cross-forest and external relationships
- Strategies to detect and remediate delegation and ACL vulnerabilities that could enable privilege escalation
- Best practices for tailoring rule severity thresholds to match your organization’s risk tolerance
Some of the features we will cover include:
- Automated health check and overall risk scoring
- Active Directory topology and trust relationship mapping
- Delegation and ACL vulnerability discovery
- Enumeration of GPOs, user and computer inventories
- Custom rule-set configuration and severity threshold tuning
- XML/HTML report generation, consolidation, and benchmarking
- Interactive dashboards with business context
- Command-line automation and scheduling
- In product remediation tracking and workflow management
- Netwrix 1Secure – Netwrix New SaaS Identity Security Application
PingCastle is a real tool with real value and you don’t get the rug pulled out from under your feet after using it for a year. You’ll see how to perform automated health checks, visualize domain topology, uncover risky ACLs, and convert raw findings into prioritized remediation plans.
Our sponsor for this real training for free event is Netwrix and Joe Dibley will show you:
- How to download and run PingCastle
- How to Remediate PingCastle Risks
- AD Certificate Service ESC1 check
- Critical ACL Attack Paths with Multiple Takeover Options
- How to use PingCastle Enterprise to plan remediation work and how it automatically tracks the fixes
- Netwrix’s new SaaS solution for identity and security
- Risk Assessment with AI Remediation Guidance
- Reporting capabilities
Please join us for this real training for free session.