6 AI Agents Active

Discovery Script Library

Pre-built scripts for each security domain. Run in the client environment, then upload the JSON output to Pinnacle SPM.

13 scripts

How to use these scripts

  1. Download the script for the domain you are assessing
  2. Run it in the client environment (Azure Cloud Shell, PowerShell, Bash, AWS CloudShell)
  3. The script outputs a JSON file with standardised findings
  4. Upload the JSON to Cloud Connectors → Evidence Upload for automatic import
  5. Findings appear in the Gap Report and Board Report automatically
Entra ID / Azure AD Audit
powershell
Exports all users, admin roles, MFA status, guest accounts, service principals, and conditional access policies from Entra ID.
Domain:Identity & Access
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: Microsoft.Graph PowerShell module, Global Reader or Security Reader role
Privileged Account Inventory (Active Directory)
powershell
Lists all privileged accounts, service accounts, shared accounts, and accounts with stale passwords in Active Directory.
Domain:Identity & Access
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: ActiveDirectory PowerShell module, Domain Admin or equivalent read access
Azure NSG & Firewall Rules Audit
powershell
Audits all NSG rules, identifies overly permissive rules (0.0.0.0/0), exposed management ports (22, 3389, 5985), and missing flow logs.
Domain:Network Security
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: Az PowerShell module, Reader role on Azure subscription
Email Security DNS Check (DMARC/DKIM/SPF)
powershell
Checks DMARC, DKIM, and SPF records for a list of domains and identifies missing or misconfigured email security controls.
Domain:Email Security
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: PowerShell 5.1+, Internet DNS access
Microsoft Defender Endpoint Status
powershell
Exports Defender for Endpoint onboarding status, antivirus signature age, and devices missing EDR coverage from Microsoft Defender.
Domain:Endpoint Protection
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: Microsoft.Graph PowerShell module, DeviceManagementManagedDevices.Read.All permission
Azure Storage & Key Vault Audit
powershell
Audits Azure Storage accounts for public access, HTTPS enforcement, and Key Vaults for soft delete and purge protection.
Domain:Data Protection
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: Az PowerShell module, Reader role on Azure subscription
AWS Security Hub Findings Export
bash
Exports all active findings from AWS Security Hub across all enabled standards (CIS, NIST, PCI DSS, AWS Foundational Security Best Practices).
Domain:Cloud Security
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: AWS CLI configured, SecurityAudit IAM policy, Security Hub enabled
GCP Security Command Center Export
bash
Exports all active findings from Google Cloud Security Command Center.
Domain:Cloud Security
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: gcloud CLI configured, roles/securitycenter.findingsViewer
Azure Diagnostic Settings Coverage Audit
powershell
Checks which Azure resources have diagnostic settings enabled and identifies gaps in log coverage.
Domain:Logging & Monitoring
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: Az PowerShell module, Reader role on Azure subscription
Windows Patch Compliance Audit
powershell
Checks Windows Update status, missing critical patches, and patch compliance across domain-joined machines.
Domain:Vulnerability Management
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: Domain Admin or WMI access to target machines, PowerShell Remoting enabled
Microsoft 365 Secure Score Export
powershell
Exports the Microsoft 365 Secure Score and all improvement actions with current status, max score, and remediation steps.
Domain:Cloud Security
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: Microsoft.Graph PowerShell module, SecurityEvents.Read.All permission
Microsoft Defender for Cloud Recommendations
powershell
Exports all active security recommendations from Microsoft Defender for Cloud with severity, affected resource, and remediation steps.
Domain:Cloud Security
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: Az PowerShell module, Security Reader role on Azure subscription
Generic Manual Finding Template
powershell
Template for manually creating a Pinnacle SPM-compatible JSON findings file. Use this when no automated script exists for a specific check.
Domain:All Domains
Output: JSON — compatible with Pinnacle SPM evidence import
Prerequisites: PowerShell or any text editor