For the best web experience, please use IE11+, Chrome, Firefox, or Safari

Real-time change auditing for Microsoft platforms

Change reporting and access logging for Active Directory (AD) and enterprise applications is cumbersome, time-consuming and, in some cases, impossible using native IT auditing tools. This often results in data breaches and insider threats that can go undetected without protections in place.

Fortunately, there's Change Auditor. With Change Auditor, you get complete, real-time IT auditing, in-depth forensics and comprehensive security monitoring on all key configuration, user and administrator changes for Microsoft Active Directory, Azure AD, Exchange, Office 365, file servers and more. Change Auditor also tracks detailed user activity for logons, authentications and other key services across enterprises to enhance threat detection and security monitoring. A central console eliminates the need and complexity for multiple IT audit solutions.

Hybrid environment auditing

Get a single, correlated view across your hybrid Microsoft environments, with visibility of all changes whether on-prem or in the cloud.

At-a-glance display

Track user and administrator activity with detailed information for change events, plus original and current values for all changes.

Hosted dashboard

View hybrid AD and Office 365 activity together in On Demand Audit, a SaaS dashboard with flexible search and data visualization.

Change Auditor Threat Detection

Detect insider threats proactively with user behavior analytics and reduce the noise of false positive alerts.

Object protection

Protect against changes to critical data within AD, Exchange and Windows file servers, including privileged groups, GPOs and sensitive mailboxes.

Real-time alerts on the move

Send critical change and pattern alerts to email and mobile devices to prompt immediate action, even while you're not on site.

SIEM integration

Integrate with SIEM solutions to forward Change Auditor events to Splunk, ArcSight or QRadar.

Auditor-ready reporting

Generate comprehensive reports to support regulatory compliance mandates for GDPR, SOX, PCI-DSS, HIPAA, FISMA, GLBA and more.

On Demand Audit Hybrid Suite for Office 365

With just a few clicks, you can pair Change Auditor for Active Directory and On Demand Audit to get a single, hosted view of all changes made across AD, Azure AD, Exchange Online, SharePoint Online and OneDrive for Business. Simplify investigations with responsive search and interactive data visualization, and retain audit history for up to 10 years.

Learn How to Upgrade

Features

Account lockout

Capture the originating IP address/workstation name for account lockout events to simplify troubleshooting.

Related searches

Provide instant, one-click access to all information on the change you're viewing and all related events, such as what other changes came from specific users and workstations, eliminating additional guesswork and unknown security concerns.

Improved security insights

Correlate disparate IT data from numerous systems and devices into IT Security Search, an interactive search engine for fast security incident response and forensic analysis. Include user entitlements and activity, event trends, suspicious patterns and more with rich visualizations and event timelines.

Quest InTrust integration

Integrate with Quest InTrust for 20:1 compressed event storage and centralized native or third-party log collection, parsing and analysis with alerting and automated response actions to suspicious events such as known ransomware attacks or fishy PowerShell commands.

Superior auditing engine

Remove auditing limitations and capture change information without the need for native audit logs, resulting in faster results and significant savings of storage resources.

Security timelines

View, highlight and filter change events and discover their relation to other security events in chronological order across your Microsoft environment for better forensic analysis and security incident response.

Platforms

Product Demo: Learn about Change Auditor for Active Directory

Active Directory

Change Auditor for Active Directory and Change Auditor for Logon Activity proactively track, report and alert on vital events in Microsoft Active Directory and Azure AD with a single, correlated view across your hybrid AD environment.

Product Demo: Learn about On Demand Audit

Azure AD and Office 365

With just a few clicks, you can pair Change Auditor for Active Directory and On Demand Audit to get a single, hosted view of all changes made across AD, Azure AD, Exchange Online, SharePoint Online and OneDrive for Business.

Learn about Change Auditor for Exchange

Exchange

Change Auditor for Exchange simplifies the Exchange auditing process. Track, audit, report and alert on Microsoft Exchange on-premises and Exchange Online changes in real time within a single, correlated view.

Product Demo: Change Auditor for Windows File Servers

Windows Server

Change Auditor for Windows File Servers helps you control and audit changes to Microsoft Windows Server efficiently and cost-effectively. Proactively track, audit, report on and alerts on vital changes, including user and administrator accounts, in real time and without the overhead of native auditing.

Product Demo: Change Auditor for SQL Server

SQL Server

Change Auditor for SQL Server makes database auditing of Microsoft SQL Server easy and secure. It tracks, audits, reports on and alerts on changes in real time, translating events into simple terms and eliminating the time and complexity required for auditing.

Product Demo: Change Auditor for NetApp

Network-attached storage

Ensure the security, compliance and control of files, folders and shares by tracking, auditing, reporting and alerting on all changes in real time. With Change Auditor for NetApp, EMC or FluidFS, you can report on and analyze events and changes without the complexity and time required with native auditing.

SharePoint and OneDrive for Business

Change Auditor for SharePoint enables faster, easier and more secure SharePoint, SharePoint Online and OneDrive for Business auditing. It translates events into simple terms, stores data in one centralized and secure database and, in real time, tracks, audits, reports on and alerts on critical changes to:

  • SharePoint farms, servers, sites, users, permissions and more
  • File and folder activity as well as sensitive data moving in and out of OneDrive for Business

Skype for Business

Change Auditor for Skype for Business provides enterprise-wide visibility that allows you to see how Skype for Business is configured and enforced, so you can take a proactive management approach. Get alerts and reports on administrator activity, security and configuration changes in real time.

VMware

VMware

Change Auditor for VMware vCenter helps you ensure the security, compliance and control of event activity, and the security of VMware vCenter Server. It manages, audits, reports on and provides alerts on all changes to the platform in real time, making VMware monitoring easy.

Stevie Awards 2018 People’s Choice winner

Stevie Awards 2018 People’s Choice winner

In the 2018 Stevie Award’s People Choice awards, Change Auditor was voted best software and also won a Silver Stevie for best new product of 2018

Resources

Change Auditor Family
Datasheet
Change Auditor Family
Change Auditor Family
Ensure security, compliance and control of AD and Azure AD.
Read Datasheet
Overcoming Office 365 Security & Compliance Auditing Challenges
White Paper
Overcoming Office 365 Security & Compliance Auditing Challenges
Overcoming Office 365 Security & Compliance Auditing Challenges

Commercial use of Office 365 has skyrocketed in recent years — but most organizations admit they still lack the

Read White Paper
Detecting Insider Threats in Office 365 and Hybrid AD
On Demand Webcast
Detecting Insider Threats in Office 365 and Hybrid AD
Detecting Insider Threats in Office 365 and Hybrid AD

Office 365, AD and Azure AD security are critical for your business continuity, especially when it comes to mitigating insider threats. Unfortunately, native auditing tools are limited in their eve

Watch Webcast
What Is Azure ATP and How Does It Fit into Your Security Strategy?
White Paper
What Is Azure ATP and How Does It Fit into Your Security Strategy?
What Is Azure ATP and How Does It Fit into Your Security Strategy?

Being able to quickly detect and respond to threats is essential for both security and regulatory compliance. But it’s not an easy task. On the one hand, you have hackers battering your netwo

Read White Paper
Surviving Office 365 and Hybrid AD Security Auditing Pitfalls
On Demand Webcast
Surviving Office 365 and Hybrid AD Security Auditing Pitfalls
Surviving Office 365 and Hybrid AD Security Auditing Pitfalls

Proper Office 365 and hybrid Active Directory auditing is essential to security and regulatory compliance. Unfortunately, native Office 365 and Azure AD auditing tools leave a lot to be desired whe

Watch Webcast
Three ways a privileged user can hose your Active Directory
E-book
Three ways a privileged user can hose your Active Directory
Three ways a privileged user can hose your Active Directory
This eBook reviews insider threats and eight AD security best practices to reduce risk and recovery time.
Read E-book
Deciding Which Security Event Logs to Collect and How to Process Them in Your SIEM and Beyond
On Demand Webcast
Deciding Which Security Event Logs to Collect and How to Process Them in Your SIEM and Beyond
Deciding Which Security Event Logs to Collect and How to Process Them in Your SIEM and Beyond

Using SIEM to check every log with security value can be overwhelming and costly. Collecting logs is vital to detecting, analyzing and preventing security breaches, but not every log has to be sent

Watch Webcast
Conversational Geek e-book: Hybrid AD Security Detection & Alerting
E-book
Conversational Geek e-book: Hybrid AD Security Detection & Alerting
Conversational Geek e-book: Hybrid AD Security Detection & Alerting
Your Active Directory (AD) security is constantly in a state of change, making it difficult to understand your risks from static reports alone. That’s why you need to actively monitor all changes made in AD — being able to detect suspicious activity and a
Read E-book