I have installed ATA GA-version in our domain-environment. Now I get this alarm:
Services Exposing Account Credentials. Services running on "serverx" exposed "usernamex's" credentials in cleartext using LDAP simple bind.
When I run Microsoft Network Monitor-tool, I can see that LDAP's authentication type query is SASL:
34764 9:47:33 3.9.2015
18.9314568 dc.domain.com
domain.com LDAPMessage
LDAPMessage:Bind Request, MessageID: 3656
Authentication: PrincipalName: ldap/dc.domain.com/domain.com, Authentication type = sasl
Is it possible that this alarm is false positive? So that ATA recognize this network traffic in wrong way?
In general, this program looks really good.