I am looking for a software to monitor Active Directory environment. I have been requested to review PingCastle, ALSID and MS ATA (Advanced Threat Analytics) tools to finalize.
Can you please share your thought!
Also, please share if any other tool which can does the job better then above so that i can propose them as well.
AD Security Monitoring Tool
- 399 Views
- Last Post 01 August 2019
Not sure what you’re trying to accomplish, but Netwrix is a fantastic auditing tool, to track who does what, where, and when.
Ms ata is full of false positives. In fact, I have heard this is true of all UBA tools which were the flavor of the month in the past couple of years. There is some value there, however it is very well hidden in all the false positives :)
Thank you! Josh and Ravi
Basically, i am looking a tool which does security monitoring tool (to prevent modern thread, cyber attack, monitoring AD related activities and finding loopholes)
(disclaimer--I work for Semperis)
Semperis has a product called Directory Services Protector that does AD change tracking and rollback, along with typical stuff like notifications based on classes of changes, reporting, etc. While it’s not strictly in the ATA mold, it has
some nice capabilities that are missing in standard AD auditing solutions, such as the ability to detect changes (e.g. DCShadow is one that I discuss here:
https://www.semperis.com/blog/why-most-organizations-still-cant-defend-against-dcshadow/) that don’t hit the event log. That said, it really depends upon your security monitoring requirements.
Thank you! Darren
I will come back with more specific requirements.