ManageEngine Enhances AD360 With Risk Exposure Management and Local User MFA To Strengthen Identity Threat Defences

• The identity risk exposure management feature adds identity threat detection capabilities that help uncover how attackers could escalate privileges or move laterally within the environment
• With local user MFA, enterprises can extend enterprise-grade MFA to previously unmanaged local accounts
• Read about AD360's identity risk exposure management at https://mnge.it/riskexposuremgmt and local user MFA capabilities at https://mnge.it/local-user-mfa

ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, has announced the general availability of identity risk exposure management and local user MFA features in AD360, its converged identity and access management (IAM) platform. The release enables security teams to detect privilege escalation risks and secure unmanaged local accounts, two common identity attack vectors that attackers continue to exploit at scale.

Identity remains the primary attack vector in modern enterprises, as shown by Verizon's 2025 Data Breach Investigations Report, which found that credential abuse was the initial access vector in 22 per cent of breaches. The report also highlighted widespread abuse of poorly managed local accounts and privilege paths across over 12,000 confirmed breaches.

"With this release, ManageEngine AD360 moves beyond traditional IAM by embedding identity threat defences into core identity operations. By turning identity data into actionable security insights, we’re helping customers make IAM the first line of defence, not a check box," said Manikandan Thangaraj, vice president of ManageEngine.

While most IAM tools focus on provisioning and policy enforcement, AD360 adds risk exposure mapping via attack path analysis as well as local MFA enforcement, helping enterprises close attack paths that often go undetected. This marks a key step in identity management evolving from an access control layer into an active security control.

New Capabilities

• Identity risk exposure management: Graphbased analysis maps lateral movement and privilege escalation paths in Active Directory (AD), automatically prioritising risky configurations and recommending remediation steps. The graph engine models AD objects as nodes and privilege inheritance as lines, revealing multistep attack chains in real time, with actionable suggestions that IT teams can implement to close exposed paths.
• Local user MFA: This feature extends adaptive MFA to local accounts on nondomainjoined servers, DMZ assets, and test environments, thwarting credential stuffing and persistence techniques.
• MLdriven access recommendations: During provisioning and access review campaigns, machine learning analyses permission patterns and suggests adjustments to implement least privilege access, helping prevent excess entitlements.

Additionally, ManageEngine has enhanced AD360's access certification module, which now includes expanded entitlements for comprehensive review coverage, and the risk assessment capabilities feature new indicators for improved identity risk monitoring across AD and Microsoft 365 environments. These enhancements are designed to streamline compliance reporting and strengthen access governance across the enterprise. The new capabilities support NIST SP800-207 on Zero Trust architecture, align with PCI DSSVersion 4.0 Requirement 8, and facilitate SOX, HIPAA, and GDPR controls.

About AD360

ManageEngine AD360 is a unified identity platform that seamlessly connects people, technology, and experiences while giving enterprises full visibility and control over their identity infrastructure. It offers automated life cycle management; secure SSO; adaptive MFA; and risk-based governance, auditing, compliance, and identity analytics—all from a single, intuitive console. With extensive out-of-the-box integrations and support for custom connectors, AD360 easily integrates into existing IT ecosystems to enhance security and streamline identity operations. Trusted by leading enterprises across healthcare, finance, education, and government, AD360 simplifies identity management, fortifies security, and ensures compliance with evolving regulatory standards. For more information, please visit https://www.manageengine.com/active-directory-360/.

About ManageEngine

ManageEngine is a division of Zoho Corporation and a leading provider of IT management solutions for organizations across the world. With a powerful, flexible, and AI-powered digital enterprise management platform, we help businesses get their work done from anywhere and everywhere—better, safer, and faster. To learn more, visit www.manageengine.com.

© Scoop Media