‹ Back to Diagnose

Diagnose / detail

ACME Corp
high

Dormant privileged account active

A privileged service account idle 207 days still holds directory rights — a lateral-movement path.

SOC 2 →PCI-DSS → Open — Entra ID sign-in logs show 207 days idle

Root cause

A legacy service account (svc-legacy) retains privileged directory rights but has not authenticated in over 200 days. It was never decommissioned.

Business impact

Dormant privileged accounts are a favourite lateral-movement path. Their existence undermines least-privilege claims across every framework.

Mapped controls

NIST PR.AA-01
Fails while this gap is open
SOC 2 CC6.1
Fails while this gap is open
CIS 5.3
Fails while this gap is open