ManageEngine Boosts Identity Threat Protection
▼ Summary
– ManageEngine introduced identity risk exposure management and local user MFA features in AD360 to address common identity attack vectors like privilege escalation and unmanaged local accounts.
– Verizon’s 2025 report found credential abuse caused 22% of breaches, highlighting risks from poorly managed local accounts and privilege paths.
– AD360’s graph-based analysis maps attack paths in Active Directory, prioritizing risky configurations and offering remediation steps in real time.
– The platform extends adaptive MFA to local accounts on non-domain-joined servers, DMZ assets, and test environments to counter credential stuffing.
– New ML-driven access recommendations and enhanced compliance features align with NIST, PCI DSS, and other regulatory standards to improve access governance.
ManageEngine has significantly strengthened its identity security capabilities with new risk exposure management and multi-factor authentication features in its AD360 platform. These enhancements address critical vulnerabilities that cybercriminals frequently exploit, particularly privilege escalation risks and unsecured local accounts.
Recent studies, including Verizon’s 2025 Data Breach Investigations Report, reveal that credential abuse remains a top attack vector, responsible for 22% of breaches. Poorly managed local accounts and excessive privileges continue to plague organizations, making these updates particularly timely for enterprises looking to bolster their defenses.
The latest version of AD360 shifts the focus from basic identity and access management (IAM) to proactive threat protection. By integrating security insights directly into identity operations, the platform helps organizations transform IAM from a compliance requirement into a frontline security measure.
Key features introduced in this release include:
Identity Risk Exposure Management A graph-based analysis tool identifies potential attack paths within Active Directory environments. By visualizing privilege inheritance and lateral movement risks, IT teams receive prioritized recommendations to mitigate vulnerabilities before they’re exploited.
Local User MFA Enforcement Extending multi-factor authentication to local accounts, including those on non-domain-joined servers and DMZ assets, helps prevent credential stuffing and unauthorized persistence. This is particularly valuable for securing test environments and isolated systems that often fall outside traditional security measures.
Machine Learning-Driven Access Recommendations During user provisioning and access reviews, AI analyzes permission patterns to suggest adjustments that enforce the principle of least privilege. This reduces the risk of excessive entitlements, a common weak point in identity security.
Beyond these core features, AD360 now offers improved access certification and risk assessment tools. These updates provide better visibility into entitlements across hybrid environments, including Microsoft 365, while simplifying compliance with frameworks like NIST SP 800-207, PCI DSS 4.0, and GDPR.
The enhancements reflect a broader industry shift toward treating identity management as an active security control rather than just an administrative function. By embedding threat detection and mitigation directly into IAM workflows, ManageEngine aims to help organizations stay ahead of evolving cyber threats.
(Source: HelpNet Security)
