PRINCIPAL SECURITY METRICS

The Principal Security Metrics dashboard provides comprehensive analysis of security principals - users, groups, and accounts - referenced in your NTFS permissions. View key statistics including total principals, account type breakdown (users vs. groups), security concerns count, and unresolved SIDs to understand who has access across your file systems.

Principal Distribution

Understanding the composition of security principals helps identify potential security gaps. The Principal Types breakdown shows the ratio of users to groups, domain accounts to local accounts, and built-in principals. A high ratio of individual users to groups may indicate opportunities for permission consolidation through group-based access control. The Principals by Domain analysis reveals cross-domain access patterns in multi-forest environments.

Top Principals

The Most Referenced Principals list identifies accounts that appear most frequently in ACLs across your file system. These represent key access patterns in your organization. Over-represented individual user accounts may indicate opportunities to consolidate permissions using security groups. Both tabular and chart visualizations help you quickly identify permission concentration.

Security Analysis

The Security Metrics tab highlights principals with elevated or concerning permissions. Identify accounts with Full Control access, privileged group memberships, and other high-risk configurations. Disabled accounts that still appear in ACLs represent security vulnerabilities and maintenance overhead. Orphaned or unresolved SIDs indicate accounts that no longer exist in Active Directory - these stale entries should be removed during regular security audits.