creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-16 16:03:17 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/performing-service-account-audit/references/workflows.md
T

989 B
Raw Blame History

Service Account Audit Workflows

Workflow 1: Discovery Phase

  1. Export AD service accounts using PowerShell/LDAP queries
  2. Export cloud IAM service accounts (AWS credential report, Azure SP list, GCP SA list)
  3. Query databases for application-specific service accounts
  4. Consolidate into single inventory spreadsheet
  5. Cross-reference with CMDB for ownership data

Workflow 2: Assessment Phase

  1. Check each account against privilege policy
  2. Verify password/key rotation compliance (90-day max)
  3. Check last logon/activity date
  4. Validate owner assignment against HR data
  5. Flag accounts meeting orphaned/stale/over-privileged criteria

Workflow 3: Remediation Phase

  1. Contact owners of over-privileged accounts for justification
  2. Plan gMSA migration for eligible Windows service accounts
  3. Disable orphaned accounts (staged: disable first, delete after 30 days)
  4. Rotate stale credentials immediately
  5. Update documentation, close findings, report to compliance
Reference in New Issue View Git Blame Copy Permalink