Microsoft LAPS Usage Assessment - Microsoft Defender for Identity

Implementation Effort: Medium: Customer IT and Security Operations teams need to drive projects to implement and configure Microsoft LAPS across domain-joined computers.

User Impact: Low: Action can be taken by administrators, and users don’t have to be notified.

Overview

Microsoft's Local Administrator Password Solution (LAPS) provides management of local administrator account passwords for domain-joined computers by randomizing and storing them in Active Directory (AD). This security assessment helps identify which devices are not protected by LAPS, ensuring better security posture and mitigating risks of lateral escalation attacks.

Reference

Microsoft LAPS Usage Assessment - Microsoft Defender for Identity