Active Directory Audit Integration

Version: Active Directory Windows Server 2012,Windows Server 2012 R2,Windows Server 2008,Windows 8 and Windows 7.

Active Directory addresses the Windows default audit policy settings, baseline recommended audit policy settings, and the more aggressive recommendations from Microsoft, for workstation and server products. The SCM baseline recommendations shown here, along with the settings recommend to help detect compromise, are intended only to be a starting baseline guide to administrators. Each organization must make its own decisions regarding the threats they face, their acceptable risk tolerances, and what audit policy categories or subcategories they should enable.

Netsurion Open XDR monitors user logon behaviour, access point configuration changes, WLAN group management and service status and generates flex reports, flex dashboards and alerts for rogue access point detected and system state changed.

Netsurion Data Source Integration for Active Directory allows you to monitor the following components:-

Security – Kerberos authentication operations and DPAPI activities.
Compliance – Account logon and management events.
Operation – Service changes/replication, process termination and RPC events.

After the Active Directory is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.

To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.

24X7 SOC-AS-A-SERVICE

OPEN XDR PLATFORM

USE CASES

WHY NETSURION

PARTNERS

ALL CYBERSECURITY INSIGHTS

Level up your cybersecurity!

ABOUT NETSURION

XDR Hot Company

Next-Gen MDR Service

Best MDR Solution

Active Directory Audit