Market Trends: AD Security Assessment and Rollback and Recovery

Market Trends: AD Security Assessment and Rollback and Recovery

AD Security Assessment

Active Directory security is a hot topic. Some security professionals have made their living by uncovering vulnerabilities in directory services. Take for instance, Sean Metcalf at ADSecurity.org. He has an entire blog focused on Active Directory security. What tends to be lacking, however, is an easy-to-follow Security Assessment that highlights critical areas of concern in a Microsoft Active Directory and Windows environment.

Most organizations aren’t aware they even have a problem—as issues in their directory and server configurations aren’t picked up by traditional methods like anti-virus, SIEM, etc. There is a very real need for organizations to be given a set of Active Directory and Windows operating system best practices to follow.

For more information, please check out our Credential and Data Security Assessment.

AD Rollback and Recovery

Another critical need is the ability to easily and safely rollback and recover from malicious or accidental changes made to Active Directory. Customers have common requirements like:

  • An administrator inadvertently changes attributes on multiple user accounts like address, phone number, or manager and needs to roll the changes back.
  • A user, group, or computer is deleted and needs to be recovered with all attributes and group memberships reassigned.
  • Members are inadvertently removed or added to groups and the changes need to be rolled back.
  • DNS entries are modified and need to be rolled back to a previous state.
  • Permissions have been modified on an organizational unit and must be rolled back to a prior state.

To best meet these requirements, organizations need to be able to focus on the information that matters most. The point-in-time recovery of AD objects, attributes, DNS entries, and entire domains enables them to restore all or just the information they need. The best part is they can accomplish this without downtime. Native AD tools simply don’t provide these capabilities.

For more information, please read the StealthRECOVER Data Sheet.

Don’t miss a post! Subscribe to The Insider Threat Security Blog here:

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.

Privacy Preference Center

      Necessary

      Advertising

      Analytics

      Other