Systems and methods for identifying a security risk include a security group analyzer that identifies a first set of users belonging to a security group such as a local administrators' group. A privileges analyzer identifies a second set of users having one or more privileges gained from user rights assignments that may pose a security risk. An autostart extensibility point (ASEP) access analyzer identifies a third set of users by identifying users having access to an ASEP entry or an image path identified by an ASEP entry. A security risk identifier identifies security risks by identifying users that are in the second or third set of users but are not in the first set of users. A security handler performs a responsive action in response to the identification of the security risk. A security graph builder uses the identified interrelationships to build a security graph that illustrates the security risks.