Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
THRENIS is an enterprise security assessment platform presented on digithink.com.tr, with a core focus on Active Directory Security Assessment. It emphasizes identifying genuinely exploitable risks through 80+ specialized analyzers, including Kerberoasting, AS-REP Roasting, delegation issues, ACL misconfigurations, DCSync permissions, and hidden attack paths. It also provides risk scoring and remediation recommendations.
The platform includes four scanning modules: AD Scanner, SMB Share Scanner, MSSQL Scanner, and Host Discovery. The AD component covers identity risks, privilege escalation paths, GPO abuse, Shadow Credentials, local administrator privileges, and more. The SMB module is used for share enumeration, permission analysis, and sensitive file discovery. The MSSQL module focuses on security configuration, SA privileges, weak passwords, xp_cmdshell, linked servers, and related risks. Host Discovery is used for network mapping and service identification. The workflow uses read-only credential-based authentication, discovery, analysis based on CVSS and exploitability, and then generates reports and remediation checklists.
The page offers Start Free Assessment and Request Assessment options, and states that no credit card is required. The form asks for a work email, environment size, and primary area of interest, with user scale ranging from under 1,000 to 10,000+. However, official pricing, service duration, delivery model, SLA, and payment methods are not disclosed. As a result, it appears more like a sales-led assessment service or a trial entry point for the platform.
Its strengths are that the detection items closely align with real-world AD attack chains, covering domain takeover, credential theft, privilege abuse, and sensitive data exposure. The reports do more than list issues: they include an executive summary, prioritized recommendations, and step-by-step remediation guides, making them suitable for practical remediation work. The main drawback is that the publicly available information lacks details on deployment model, continuous monitoring capabilities, alerting, API/SIEM/ticketing integrations, compliance certifications, and support channels, all of which should be confirmed during procurement evaluation.
THRENIS is suitable for mid-sized and large enterprises that rely on Microsoft AD, SMB, and MSSQL, particularly for annual security health checks, remediation before red-team/blue-team exercises, post-incident investigation, or compliance audit preparation. The page does not provide verifiable information about access from China, so its availability is unknown. Cross-border access, contract payment, and data export requirements should be assessed separately. Comparable alternatives include PingCastle, BloodHound Enterprise, Semperis DSP, Tenable.ad, and Microsoft Defender for Identity.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on digithink.com.tr official site.
digithink.com.tr is an Türkiye pentest provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach digithink.com.tr directly.