Your Active Directory.
No blind spots.

ADSecure Report™ is the first European Active Directory audit platform that produces 7 distinct regulatory reports in a single scan. 197 security controls compliant with NIS2, ISO 27001 and GDPR.

On-site intervention systematically included
SHA-256 validation in presence of the CISO
Zero data transmitted — 100% on-premise
QR Code verifiable attestation
Book a meeting Learn more
78
Global Security Score
LAPS deployed
OK
SMBv1 active
CRITICAL
Kerberoastable accounts
7 found
Audit policies
CONFIGURED
197
Security controls
7
Distinct reports
20+
Domains analyzed
100%
Made in Belgium

Why choose ADSecure?

The only platform combining guided remediation, business visibility and multi-framework compliance

Complete AD Audit

Exhaustive analysis of accounts, GPOs, delegations, Kerberos, DNS, PKI, trust relationships. Structured report immediately actionable.

Guided Remediation

Each vulnerability comes with step-by-step instructions for the system administrator, with risk level and intelligent prioritization.

Smart Scoring

Score by identity, by server, by business service. Not 1,000 alerts: the 10 actions that are truly critical for your security.

Executive Mode

Non-technical dashboard with business risks, compliance and key indicators for decision-makers and auditors.

7 Distinct Reports

Senior Management, IT Manager, DPO, remediation guide, compliance scoring, Azure AD report, and QR Code verifiable attestation.

Security & Privacy

Local data processing, end-to-end encryption, no data transmitted without explicit consent.

Regulatory Compliance

ADSecure aligns your AD security with European and international standards

NIS2
Covered
European Directive — October 2024
NIS2 requires essential and important EU entities to implement robust cyber risk management measures and incident notification (72h). It covers critical sectors: energy, health, transport, finance, public administration.
  • Privileged access management
  • Detection and notification (72h)
  • Vulnerability management
  • Business continuity
ISO 27001
Aligned
International ISMS Standard
ISO/IEC 27001 is the international reference standard for Information Security Management Systems (ISMS). It defines requirements for establishing, implementing and maintaining a globally recognized ISMS.
  • Access control (A.9)
  • Cryptography (A.10)
  • Operations security (A.12)
  • Incident management (A.16)
CIS Controls
Integrated
Technical framework v8
CIS Controls (v8) define 18 priority controls to drastically reduce the attack surface. Highly technical in nature, they are used by IT teams and auditors as a practical implementation guide.
  • Account management (CIS 05)
  • Access management (CIS 06)
  • Audit log management (CIS 08)
  • Application security (CIS 16)
GDPR
Compliant
EU Regulation 2016/679
GDPR (EU 2016/679) governs the collection, processing and protection of personal data in the European Union. For AD, it involves access traceability, authorization management and rights minimization.
  • Access traceability
  • Lifecycle management
  • Least privilege
  • Log management
Cyfun
Aligned
Belgian CCB Framework
CyFun is the Belgian cybersecurity framework developed by the Centre for Cybersecurity Belgium (CCB). Based on NIST CSF and adapted to the Belgian context, it classifies organizations into 4 maturity levels (Basic, Important, Essential, Critical).
  • Asset identification
  • Authentication protection
  • Anomaly detection
  • Incident response
DORA
Covered
Financial sector — 2025
DORA (EU 2022/2554) applies since January 2025 to European financial entities (banks, insurance companies, ICT providers). It requires robust digital operational resilience, including access management and resilience testing.
  • ICT risk management
  • Resilience testing
  • Incident management
  • Third-party oversight

Transparent Pricing

Plans tailored to every organization — No surprises, no hidden commitments

ESSENTIAL

Up to 100 users

€ 6,900/year
  • Azure AD & hybrid cloud included
  • Full compliance: NIS2, CIS Controls v8, ISO 27001, GDPR, DORA
  • Complete reports per audit
  • Security scoring per domain
  • Step-by-step guided remediation
  • Email support included
Book a meeting
RECOMMENDED

PROFESSIONAL

100 to 250 users

€ 14,900/year
  • Everything in Essential
  • Multi-site Active Directory
  • 4 AD audits per year
  • Multi-site dashboard
  • Executive reports (Management/CISO)
  • Priority phone + email support
Book a meeting

ENTERPRISE

250+ users

Onquote
  • Everything in Professional
  • 24/7 continuous monitoring
  • Attack simulation sandbox
  • SIEM/SOC integration
  • Dedicated account manager
  • Contractual SLA guarantees
Contact us

Commercial information:

✓ All prices are ex-VAT — VAT applies as per applicable legislation
✓ Annual subscription — invoiced upon signing
✓ Auto-renewal with 30-day notice
✓ Personalized appointment available on request
✓ Enterprise custom quote within 48h
✓ Special conditions for public sector and associations

Frequently Asked Questions

Find quick answers to the most common questions

ADSecure Report™ is an Active Directory audit platform that produces, from a single scan, seven distinct regulatory reports: one for senior management, one for the IT Manager, one for the DPO, a remediation guide, a compliance scoring report, an Azure AD / Entra ID report, and a QR Code verifiable attestation. 197 control points cover 20 distinct domains of your AD infrastructure.

No. The scan runs in read-only mode, without installation, without modifying the infrastructure. Data does not leave the client's environment. The self-contained PowerShell agent runs on any Windows environment from Server 2016 onwards. No Active Directory data transits to our servers: this is guaranteed architecturally, not contractually.

On-site presence is not an option in our model: it's a principle. Deploying a security tool on a domain controller without being physically present to validate its integrity and accompany the report delivery means missing the essence of what an audit means. The SHA-256 validation of the executable, performed live in the presence of the CISO before launch, is the foundation of trust.

ADSecure requires Windows Server 2016 or later, PowerShell 5.1 or higher, and the RSAT Active Directory module installed. A domain member account with read-only access to AD is sufficient. Local administrator rights are recommended for advanced registry controls. No internet connection is required to run the scan.

Yes. Each of ADSecure's 197 controls is mapped to the relevant NIS2 article (EU Directive 2022/2555, mandatory since October 2024) and to Annexes A.8, A.9, A.12, A.18 of ISO 27001:2022. The management report automatically generates an Art. 21 compliance summary ready for auditors. We also cover CIS Controls v8, GDPR, Cyfun (Belgium) and DORA (financial sector).

ADSecure's QR Code attestation is an enforceable, timestamped, tamper-proof document. It is verifiable in real time at verify.mandatoryshield.com and constitutes admissible due-diligence evidence in the context of an audit, a claim or a regulatory inspection. It's a unique market innovation that gives legal value to your security audits.

Our plans are segmented by number of users. Essential (€6,900/year) is designed for organizations up to 100 users: Azure AD & hybrid cloud included, full compliance (NIS2, CIS Controls v8, ISO 27001, GDPR, DORA), complete reports and guided remediation. Professional (€14,900/year) targets organizations with 100 to 250 users, adding multi-site Active Directory, 4 AD audits per year and executive reports (Management/CISO). Enterprise (on quote) is for organizations with more than 250 users, with 24/7 monitoring, SIEM/SOC integration and a dedicated account manager.

We do not offer free trials due to the sensitive nature of Active Directory audits and our systematic on-site approach. However, we organize personalized appointments to present the platform, answer your specific questions and assess your needs. Contact us at contact@mandatoryshield.com to schedule a discussion with our experts.

After contract signing and invoicing, we schedule the on-site intervention within 5 to 10 business days depending on your location. The first audit and report delivery take place during this mission. Subsequent audits are scheduled according to your plan: 4 audits per year for Professional, on-demand for Enterprise.

Yes, included from the Essential plan. The Azure AD & hybrid cloud module is included in all plans at no extra cost. It analyzes your Microsoft cloud environment, Azure AD Connect synchronizations and federation configurations, and produces a dedicated report alongside the on-premise AD audit.

Mandatory Shield Logo

Who we are

Mandatory Shield Company — Protecting the digital identity of European organizations

PR
Pierre-Antoine Rouhaud
Co-Founder & CEO
Expert in securing Windows infrastructures and Active Directory. Pierre-Antoine brings a strategic vision combined with deep technical mastery. He leads product direction and ADSecure's commercial strategy.
RB
Raphaël Berki
Co-Founder & CTO
Software architect and cybersecurity specialist, Raphaël designs ADSecure's technical architecture. His expertise covers behavioral analysis, attack simulation and intelligent scoring engines.

Our Mission

Enable every European organization to master the security of its Active Directory, regardless of its size, with tools that are both powerful, accessible and compliant.

Built in Belgium

Developed in Brussels. GDPR native. European sovereignty.

Innovation

Continuous R&D to anticipate tomorrow's threats.

Trust

Transparency, guidance and expert support.

Contact

Book a Meeting

Let's discuss your Active Directory security needs. Our experts will contact you within 24 hours to arrange an appointment.

✉️Email
contact@mandatoryshield.com
🌐Website
www.mandatoryshield.com
📍Location
Brussels, Belgium (European Union)