Gold Finger - Frequently Asked Questions

Frequently Asked Questions

1. What is Gold Finger?

   Gold Finger is a suite of eight Active Directory focused access assessment tools that are architected by former Program Manager for Active Directory Security and endorsed by Microsoft.

   The primary focus of Gold Finger is to help organizations be able to accurately and easily assess who has what access and who has what privilege escalation paths in Active Directory.






2. What is unique about Gold Finger?

   In light of its above stated primary focus, what makes Gold Finger unique is its unique ability to be able to accurately assess access, privileged access and privilege escalation paths in Active Directory.

   Specifically, there is one and only one correct way to accurately assess access and escalation paths in Active Directory, and that involves accurately determining effective permissions in Active Directory.

   This unique capability is manifested in four of its tools, which are unique to Gold Finger, and listed below.






3. Which tools are unique in Gold Finger?

   Gold Finger's unique accurate access assessment capabilities are manifested in its four primary, essential and flagship tools -

   1. Active Directory Effective Permissions Calculator - The world's only tool that can accurately calculate effective permissions on Active Directory objects.

   2. Active Directory Effective Access Auditor - The world's only tool that can accurately assess effective access on individual Active Directory objects, based on accurate effective permissions analysis.

   3. Active Directory Privileged Access Assessor - The world's only tool that can accurately assess privileged access on thousands of Active Directory objects domain-wide, based on accurate effective permissions analysis.

   4. Active Directory Privilege Escalation Path Identifier - The world's only tool that can accurately identify privilege escalation paths in Active Directory, based on accurate effective permissions analysis.

   These are the only tools in the world that can accurately make these paramount determinations, and tools 2 to 4 embody patented intellectual property in privileged access assessment and privilege escalation path identification.






4. Which others tools does Gold Finger include?

   In addition to its four unique tools (listed above), Gold Finger includes four additional tools to help organizations fulfill far simpler basic and common security/access audit/analysis/inventory needs -

   5. Active Directory Permissions Analyzer - An analysis tool that can comprehensively analyze security permissions in Active Directory.

   6. Active Directory ACL Analyzer and Exporter - An analysis tool that can analyze and export Active Directory access control lists (ACLs).

   7. Active Directory Group Membership Auditor - An audit tool that can easily enumerate user and group memberships in Active Directory.

   8. Active Directory Security Auditor - An audit tool that can easily perform basic security/inventory audits in Active Directory.

   These are several other tools in the world that can make these far simpler determinations. Our tools in this category are intended to provide organizations a professional-grade, trustworthy alternative.






5. What is the intended audience for Gold Finger?

   Gold Finger is designed to help an organization's Infrastructure Management, Cyber Security, Identity and Access Management, Privileged Access Management, Security Assessment, Audit and Compliance teams fulfill essential needs.

   Specifically, it can be of substantial help to anyone who may have a need to manage, configure, provision, delegate, assess or audit access in Active Directory (AD), or troubleshoot access related issues in AD integrated applications.

   In particular, it can be an indispensable tool for an organization's Enterprise Admins, Domain Admins, IT Directors, IT Managers, IT/Cyber Security Analysts, IT/Cyber Security Auditors, IT Support personnel and Penetration Testers.






6. What are the minimum requirements to use Gold Finger?

   The following are Gold Finger's minimum requirements -

   1. Installation - It can be installed on any computer that is running a currently supported version of Microsoft Windows (client or server) operating system. The computer need not be domain-joined.

   2. Access - Its use does not require any elevated or domain-admin level access. It can be used by anyone with a regular domain user account, which can belong to any domain in the Active Diectory forest.

   3. Network Ports - Its use does not require configuring any special network access or opening any additional ports, as it only relies on network ports needed for the standard operation of Active Directory.

   4. Changes to Active Directory - Its use does not require any changes to Active Directory i.e. no Schema extensions, no admin access, no installation of any agents or services, and no access to the Internet.

   5. Internet Access - Its use does not require any access to the Internet. In fact, it is specifically built to be able to be used and be completely operational in completely isolated (standalone) environments.

   Note - The installation of Gold Finger on a Windows computer may require local (machine-level) admin access, as determined by the installer, as this is required to successfully install (any needed) redistributable Microsoft Windows platform dependencies.






7. How long does it take to get started with Gold Finger?

   It takes less than five minutes to download, install and start using Gold Finger.






8. How long does a typical Gold Finger assessment take?

   Gold Finger can accomplish in minutes, what usually takes weeks. Most assessments, including highly complex assessments, such as accurately determining who has what privileged access domain-wide, take a few minutes.






9. Can I try Gold Finger?

   Yes, to begin with, you can instantly download and try the free version of Gold Finger Mini. If it works in your environment, you can be assured that Gold Finger will also work in your environment.

   Subsequently, to get a hands-on feel of the Gold Finger Suite, you can also instantly download and try the free version of Gold Finger, which includes a limited version of the Security Auditor.

   Finally, if still needed, all existing and new Paramount Defenses customers can request a free trial of any next-tier access assessment tool in the Gold Finger suite pursuant to our trial policy.






10. What makes Gold Finger the GOLD standard for Active Directory Access Assessment?

    Gold Finger is the GOLD standard for Active Directory Access Assessment for the following reasons -

    1. Capability - It is the world's only tooling that can not only analyze permissions but also accurately assess effective permissions, effective access, privileged access and privilege escalation paths in Active Directory.

    2. Expertise - It is the world's only tooling that is architected by former Microsoft Program Manager for Active Directory Security (and is thus based on authoritative subject matter expertise) and endorsed by Microsoft.

    3. Ease of Use - It is the world's only such tooling that can be installed in minutes, used by anyone, does not require any administrative access to use, and can accomplish all its objectives at the touch of a button.

    4. Privacy - It is the world's only such tooling that does not require any external (e.g. Internet, Cloud etc.) access to use, and does not collect, store, transmit or share any data outside of a customer's environment.

    5. Trustworthiness - It is the world's only such tooling that also sets the bar for trustworthiness, having been engineered with security in mind, built to the highest standards, rigorously tested and formidably secured.