GEC NEWS WIREManageEngine’s ADAudit Plus-new search utility instantly pieces together vital telltale signs of a suspected account
ManageEngine has released the latest version of ADAudit Plus, its web-based Active Directory (AD) auditing software. The new version includes a search utility that offers a consolidated audit trail, which enables AD administrators to analyze security incidents contextually. The software packs another new feature that provides a bird’s eye view of all the Active Directory changes that occurred in a specified time period.
“The new search utility of ADAudit Plus can pull in diverse but relevant pieces of forensic information that an investigator would require, and it distills and consolidates that data into a crisp yet context-rich summary, which makes spotting the adversary quicker and easier.” said Balasubramanian Palani, Product Manager, ManageEngine.
Every detail presented in the summary is a link, which, when clicked, displays an elaborate report for closer inspection. Similarly, the search also produces a consolidated audit summary for any given group or computer object, all of which would satisfy a compliance auditor if an account is selected for an audit. Additionally, this search strings together all the clues, which, when analyzed together, offer a context that either exposes an attacker instantly or highlights the indicators of a compromise that lead to the attacker. This capability enables AD administrators to detect threats — especially insider attacks — which could be missed when security events are analyzed as isolated instances.
