Date: 2025-07-24
ManageEngine has announced the general availability of new security-focused features in its identity and access management (IAM) solution, AD360. These additions include identity risk exposure management and multi-factor authentication (MFA) for local users—aimed at closing often-overlooked vulnerabilities such as privilege escalation paths and unmanaged endpoint accounts.
As identity-related breaches continue to rise, the update marks a strategic shift in AD360 from a traditional access governance tool to a more active layer of cyber defence.
According to the 2025 Data Breach Investigations Report by Verizon, credential misuse was the initial access vector in 22 per cent of recorded breaches. The report also noted widespread abuse of misconfigured local accounts and undetected privilege paths across more than 12,000 confirmed incidents.
Mapping identity risk in real time
With the introduction of identity risk exposure management, AD360 now uses a graph-based engine to model Active Directory (AD) environments. Each AD object—users, groups, policies—is represented as a node, while privilege inheritance is visualised through connected paths.
This structure enables security teams to identify multi-step privilege escalation chains and lateral movement risks in real time. The platform not only highlights these attack paths but also recommends corrective actions that administrators can take directly from the dashboard.
Extending MFA to unmanaged accounts
The second major addition is adaptive MFA for local user accounts that reside outside of the domain environment. These accounts, commonly found on DMZ assets, legacy infrastructure or test servers, are often exploited through credential stuffing and persistence techniques.
By enabling MFA for non-domain-joined machines, AD360 allows enterprises to secure these otherwise unprotected endpoints, significantly strengthening the identity perimeter.
Machine learning for intelligent access reviews
AD360 now incorporates a machine learning-driven access recommendation engine within its provisioning and certification modules. By analysing usage and permission patterns, the system can proactively suggest adjustments to user entitlements, promoting least privilege access without manual audits.
The system adapts continuously, factoring in changes to user roles, seasonal shifts in access, and potential anomalies. Over time, this helps reduce the impact radius in case of an account compromise.
Compliance integration and governance
Alongside these features, ManageEngine has enhanced the access certification module with broader entitlement coverage and added new risk indicators for AD and Microsoft 365 ecosystems.
These additions are designed to assist organisations in meeting compliance standards such as:
- NIST SP 800‑207 (Zero Trust Architecture)
- PCI DSS Version 4.0, Requirement 8
- SOX, HIPAA, and GDPR
By embedding these requirements into identity workflows, the update aims to reduce the overhead typically associated with audit preparation and regulatory reporting.
Manikandan Thangaraj, VP, ManageEngine, said,
“With this release, ManageEngine AD360 moves beyond traditional IAM by embedding identity threat defences into core identity operations. By turning identity data into actionable security insights, we’re helping customers make IAM the first line of defence, not a check box.”
Strategic move amid rising threats
As identity becomes the most common point of breach in enterprise environments, the role of IAM is shifting. No longer a background process for provisioning and de-provisioning, modern IAM tools are expected to play a proactive role in detecting and preventing attacks.
ManageEngine’s recent update reflects that shift. By adding visibility into hidden identity risks and securing unmanaged access points, AD360 is positioning itself not just as an access management platform but as a frontline defence mechanism in today’s threat landscape.
