The recent release of StealthAUDIT 9.0 brings a lot of new features and exciting improvements. Among them, include enhancements and capabilities aligning to our Active Directory (AD) & Azure, Box, Dropbox, Exchange, File Systems, SharePoint, and Windows modules. We even introduced a new module for Oracle database auditing and compliance reporting which is very exciting for our users, enabling them to understand permissions, activity events, sensitive data and configuration related information within those environments.
One of the more exciting features, and the topic of this month’s ProTip, is enhanced Active Directory Activity Intelligence and Reporting. Current StealthAUDIT for Active Directory users are familiar with the “Who Made the Change” reports available with our previous versions. These help our customers understand who is making changes to users, groups, and computers. With StealthAUDIT 9.0, we have made strong improvements and added new capabilities. Via integration with StealthINTERCEPT, StealthDEFEND, or Stealthbits Active Directory Activity Monitor, StealthAUDIT for Active Directory has been enhanced to provide advanced analysis and reporting for Active Directory activity.
This update brings your analysis and reporting capabilities to a completely new level by giving you an understanding to how groups are being used, insight into LDAP queries, lockouts, and operations, and privileged account monitoring. One example that I really love is shown below with our “Group Host Usage” report. This report allows end-users to understand what groups are utilizing what hosts the most in the environment.
Another really great set of reports come with our “Operations” set, providing insight to authentication protocols, domain controller traffic, hardcoded DCs, and the report below which highlights Machine Owners. We can analyze authentication patterns of machines and get the end-user potential machine owners of all the endpoints in the environment.
We have the reports needed to effectively understand not only operations and activity within AD but also reporting around your most vulnerable configurations and permissions as well. If you haven’t checked out the rest of our Active Directory modules or the Active Directory Permissions Analyzer, I strongly suggest you give it a try. While Active Directory is the central authentication hub for any environment, it is important to also understand the permissions and rights users can actually perform.
Want to start using these awesome reports in your environment? Contact support today to get going on a StealthAUDIT upgrade! http://stealthbits.com/support/
Want to learn more about the StealthAUDIT platform and test it out in your own environment? Email a Stealthbits sales representative today! sales@stealthbits.com
To check out more about the StealthAUDIT 9.0 release, click here: https://stealthbits.com/stealthaudit-management-platform-product/
Don’t miss a post! Subscribe to ‘The Insider Threat Security’ Blog here:
Dan is a Presales Engineer at Stealthbits – Now part of Netwrix. Prior to moving over to Presales, Dan worked as a Technical Product Manager.
Related Posts
- PROTIP – How to Purge Data in StealthAUDIT
- PROTIP – Fulfill a DSAR with StealthAUDIT 11.0
- Best Practices – Setting up StealthAUDIT SQL Server Database
- ProTip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for Oracle
- Pro Tip – StealthINTERCEPT DB Maintenance Best Practices
- PROTIP: Policy Registration & Managing StealthINTERCEPT via PowerShell and Editing StealthDEFEND Investigations & Categorizing Playbooks
- PROTIP: How to Update the “Have I Been Pwned” (HIBP) Breach Dictionary in StealthINTERCEPT Enterprise Password Enforcer and StealthAUDIT
- Protip: How to Setup User Activity & Database Logon Scans in StealthAUDIT for Oracle
- ProTip – The Power of Character Substitution Checks in StealthINTERCEPT Enterprise Password Enforcer
- Protip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for SQL
Leave a Reply