ManageEngine Enhances AD360 With Risk Exposure Management and Local User MFA Features to Strengthen Identity Threat Defenses
July 22, 2025 - ManageEngine , a division of Zoho Corporation and a leading provider of enterprise IT management solutions, today announced the general availability of identity risk exposure management and local user MFA features in AD360 , its converged identity and access management (IAM) platform. The release enables security teams to detect privilege escalation risks and secure unmanaged local accounts, two common identity attack vectors that attackers continue to exploit at scale.
Identity remains the primary attack vector in modern enterprises, as shown by Verizon's 2025 Data Breach Investigations Report, which found that credential abuse was the initial access vector in 22% of breaches. The report also highlighted widespread abuse of poorly managed local accounts and privilege paths across over 12,000 confirmed breaches.
"With this release, ManageEngine AD360 moves beyond traditional IAM by embedding identity threat defenses into core identity operations. By turning identity data into actionable security insights, we're helping customers make IAM the first line of defense, not a check box," said Manikandan Thangaraj, vice president of ManageEngine.
While most IAM tools focus on provisioning and policy enforcement, AD360 adds risk exposure mapping via attack path analysis as well as local MFA enforcement, helping enterprises close attack paths that often go undetected. This marks a key step in identity management evolving from an access control layer into an active security control.
New Capabilities
- Identity risk exposure management: Graph-based analysis maps lateral movement and privilege escalation paths in Active Directory (AD), automatically prioritizing risky configurations and recommending remediation steps. The graph engine models AD objects as nodes and privilege inheritance as lines, revealing multistep attack chains in real time, with actionable suggestions that IT teams can implement to close exposed paths.
- Local user MFA: This feature extends MFA to local accounts on non-domain-joined servers, DMZ assets, and test environments, thwarting credential stuffing and persistence techniques.
- ML-driven access recommendations: During provisioning and access review campaigns, machine learning analyzes permission patterns and suggests adjustments to implement least privilege access, helping prevent excess entitlements.
Additionally, ManageEngine has enhanced AD360's access certification module, which now includes expanded entitlements for comprehensive review coverage, and the risk assessment capabilities feature new indicators for improved identity risk monitoring across AD and Microsoft 365 environments. These enhancements are designed to streamline compliance reporting and strengthen access governance across the enterprise. The new capabilities support NIST SP 800-207 on Zero Trust architecture, align with PCI DSS Version 4.0 Requirement 8, and facilitate SOX, HIPAA, and GDPR controls.
About AD360
ManageEngine AD360 is a unified identity platform that seamlessly connects people, technology, and experiences while giving enterprises full visibility and control over their identity infrastructure. It offers automated life cycle management; secure SSO; adaptive MFA; and risk-based governance, auditing, compliance, and identity analytics—all from a single, intuitive console. With extensive out-of-the-box integrations and support for custom connectors, AD360 easily integrates into existing IT ecosystems to enhance security and streamline identity operations. Trusted by leading enterprises across healthcare, finance, education, and government, AD360 simplifies identity management, fortifies security, and ensures compliance with evolving regulatory standards. For more information, please visit https://www.manageengine.com/active-directory-360/ .
ManageEngine AD360 solutions are available in Romania through Simple IT, ManageEngine Partner in Romania.
About Simple IT
SIMPLE IT is a distributor for software solutions and hardware appliances, adding value with consulting, training, implementation, configuration and support services, backed by certified specialists, in order to offer the best IT experience to customers and partners. For more information, please visit www.simpleit.com.ro.