FILE PERMISSIONS REPORT
The File Permissions Report identifies files with NTFS permissions that deviate from their parent folders - a critical capability for detecting security vulnerabilities at the file level. Advanced filtering, sorting, and grouping features make it easy to isolate specific entries, customize report layouts, and export findings for compliance documentation.
Configurable Detection Criteria
The file permissions report offers granular control over which files are included. Configure the report to detect non-inheriting files that have broken inheritance from their parent folder, overexposed files granting access to broadly-scoped groups like Everyone or Authenticated Users, files with permissions not present on their parent folder, or files with permissions present only on their parent. Each detection type can be independently enabled or disabled.
Overexposure Detection
The overexposed file detection feature identifies files granting explicit access to high-risk security principals. Configure which groups trigger overexposure alerts - including Everyone, Authenticated Users, Domain Users, and Anonymous Logon - with individual permission thresholds (Read, Write, Modify, or Full Control) for each group. This targeted approach helps you focus on the most significant security risks in your environment.
Permission Comparison Options
Fine-tune how file permissions are compared against parent folder permissions. Compare by type (allow vs. deny), inheritance status, and access rights to control the sensitivity of deviation detection. Enable inclusion detail tracking to see exactly why each file was included in the report, with expandable row details showing permission differences and overexposure violations.
File Exclusion Controls
Reduce noise by excluding files based on attributes (system, hidden, or temporary files) or filename patterns. The pattern-based exclusion system supports wildcards and allows you to filter out backup files, temporary data, and other files that don't require security review. Set a maximum entry limit to control report size when analyzing large file systems with many permission deviations.
Interactive Report Grid
The report grid displays file name, inheritance status, overexposure status, owner, modification date, inclusion reason, and folder path. Expand any row to view detailed permission differences showing exactly which permissions differ between the file and its parent, plus any overexposure violations with the triggering group, configured threshold, and actual granted access level. Right-click context menus provide quick access to open files, parent folders, command prompts, and Windows security properties dialogs.