Hyperfish Analysis Tool - Security FAQ

Justin Tung -

The Hyperfish Analysis Tool is a free utility that scans an Active Directory (AD) instance and generates a report about the completion of directory attributes. This FAQ is intended to answer common security questions about the Hyperfish Analysis Tool. If you are looking for security information pertaining to the full Hyperfish product, please see the Hyperfish Security FAQ.

How does the Hyperfish Analysis Tool read from Active Directory?

  • In a Cloud implementation (Azure Active Directory online only), Hyperfish will read directly from Azure Active Directory (AAD) and perform an analysis. 
  • In On-premises and Hybrid AD deployments, Hyperfish analyzes the on-premises AD instance and considers this to be the source of truth. Hyperfish reads from on-premises AD in Hybrid configurations because not all properties are synced to AAD, and AAD does not necessarily write properties back to AD.

Which Active Directory objects will the Hyperfish Analysis Tool scan?

  • The Hyperfish Analysis Tool will only scan user objects that have a valid mail property. This omits most service accounts and produces more accurate analysis results. 

How does Hyperfish secure the data sent between the Analysis Tool and the Hyperfish service?

  • Hyperfish secures all communication over HTTPS, a TCP/IP protocol used by Web servers to transfer web content securely. The data transferred is encrypted so that it cannot be read by anyone other than the recipient.

What kind of information is stored by Hyperfish?

  • For user properties we only transactionally store true/false values if data is missing, as the Hyperfish Analysis Tool does not require attribute details to calculate overall completion statistics of a given directory. 
  • Once a report is generated, a link to the report is sent to the provided email address. The link to a report can be shared freely to show others the completion metrics of a given directory. No Personally Identifiable Information (PII) is included in the report. 

Where is the Hyperfish service?

  • All Hyperfish data is hosted in Azure. For more information about Azure security, please refer to the Microsoft Azure Security documentation: https://www.microsoft.com/en-us/trustcenter/Security/AzureSecurity


Have more questions? Submit a request


Please sign in to leave a comment.