ProTip: Utilizing the New Active Directory Activity Reporting in StealthAUDIT 9.0

ProTip: Utilizing the New Active Directory Activity Reporting in StealthAUDIT 9.0

The recent release of StealthAUDIT 9.0 brings a lot of new features and exciting improvements.  Among them, include enhancements and capabilities aligning to our Active Directory (AD) & Azure, Box, Dropbox, Exchange, File Systems, SharePoint, and Windows modules. We even introduced a new module for Oracle database auditing and compliance reporting which is very exciting for our users, enabling them to understand permissions, activity events, sensitive data and configuration related information within those environments.

One of the more exciting features, and the topic of this month’s ProTip, is enhanced Active Directory Activity Intelligence and Reporting. Current StealthAUDIT for Active Directory users are familiar with the “Who Made the Change” reports available with our previous versions.  These help our customers understand who is making changes to users, groups, and computers. With StealthAUDIT 9.0, we have made strong improvements and added new capabilities. Via integration with StealthINTERCEPT, StealthDEFEND, or STEALTHbits Active Directory Activity Monitor, StealthAUDIT for Active Directory has been enhanced to provide advanced analysis and reporting for Active Directory activity.

This update brings your analysis and reporting capabilities to a completely new level by giving you an understanding to how groups are being used, insight into LDAP queries, lockouts, and operations, and privileged account monitoring. One example that I really love is shown below with our “Group Host Usage” report. This report allows end-users to understand what groups are utilizing what hosts the most in the environment.

Another really great set of reports come with our “Operations” set, providing insight to authentication protocols, domain controller traffic, hardcoded DCs, and the report below which highlights Machine Owners. We can analyze authentication patterns of machines and get the end-user potential machine owners of all the endpoints in the environment.

We have the reports needed to effectively understand not only operations and activity within AD but also reporting around your most vulnerable configurations and permissions as well. If you haven’t checked out the rest of our Active Directory modules or the Active Directory Permissions Analyzer, I strongly suggest you give it a try. While Active Directory is the central authentication hub for any environment, it is important to also understand the permissions and rights users can actually perform.

Want to start using these awesome reports in your environment? Contact support today to get going on a StealthAUDIT upgrade! https://go.stealthbits.com/support-contact

Want to learn more about the StealthAUDIT platform and test it out in your own environment? Email a STEALTHbits sales representative today! Sales@STEALTHbits.com

To check out more about the StealthAUDIT 9.0 release, click here: https://go.stealthbits.com/new-stealthaudit-release-protip


Don’t miss a post! Subscribe to ‘The Insider Threat Security’ Blog here:



Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.