AD Security Monitoring Tool

  • 399 Views
  • Last Post 01 August 2019
Mano posted this 24 July 2019

Hi all,
I am looking for a software to monitor Active Directory environment. I have been requested to review PingCastle, ALSID and MS ATA (Advanced Threat Analytics) tools to finalize. 
Can you please share your thought!
Also, please share if any other tool which can does the job better then above so that i can propose them as well.
Thank you,Mano

Order By: Standard | Newest | Votes
jheaton posted this 24 July 2019

Not sure what you’re trying to accomplish, but Netwrix is a fantastic auditing tool, to track who does what, where, and when.

 

show

Ravi.Sabharanjak posted this 26 July 2019

Ms ata is full of false positives. In fact, I have heard this is true of all UBA tools which were the flavor of the month in the past couple of years. There is some value there, however it is very well hidden in all the false positives :)


show

Mano posted this 31 July 2019

Thank you! Josh and Ravi
Hi all,
Basically, i am looking a tool which does security monitoring tool (to prevent modern thread, cyber attack, monitoring AD related activities and finding loopholes) 
Best regards,Sampath


show

darren posted this 31 July 2019

(disclaimer--I work for Semperis)

 

Semperis has a product called Directory Services Protector that does AD change tracking and rollback, along with typical stuff like notifications based on classes of changes, reporting, etc. While it’s not strictly in the ATA mold, it has

some nice capabilities that are missing in standard AD auditing solutions, such as the ability to detect changes (e.g. DCShadow is one that I discuss here:



https://www.semperis.com/blog/why-most-organizations-still-cant-defend-against-dcshadow/) that don’t hit the event log. That said, it really depends upon your security monitoring requirements.

 

Darren

 

 

 

show

Mano posted this 01 August 2019

Thank you! Darren 
I will come back with more specific requirements.
- Sampath


show

Close