Blitz Result: Security Admins List
Like sysadmins, don’t think of these security accounts as just plain security admins.
Think of them as users who can get you fired.
Anyone in the security admin role can temporarily grant additional permissions themselves (or others), do something they’re not supposed to, and then remove the permissions to hide their tracks.
This part of our SQL Server sp_Blitz script lists all of the users in the security admin role. If any of these names don’t seem familiar to you, you might have a problem.
To Fix the Problem
You probably don’t want to remove users willy-nilly, but you’ll definitely want to start by copying this list into an email to the users. If possible, these users should be removed from this role.