如需獲得最佳網頁瀏覽體驗,請使用 IE 11 或更高版本、Chrome、Firefox 或 Safari。
video 01:37

在COVID-19疫情期间要监控的5大Office 365和Azure AD安全事件

针对Active Directory (AD)和企业应用程序的更改报告和访问日志记录既繁琐又费时,有时甚至无法使用原生IT审核工具来完成。 这通常导致现有保护措施无法检测到的数据泄露和内部威胁。

幸运的是,Change Auditor可以提供帮助。 借助Change Auditor,您可以对Microsoft Active Directory、Azure AD、Exchange、Office 365、文件服务器等的所有关键配置、用户和管理员更改进行全面实时的IT审核、深入的取证分析和全面的安全监控。 Change Auditor还可以跟踪企业范围内的登录、身份验证和其他关键服务的详细用户活动,从而增强威胁检测和安全监控。 中央控制台可以避免使用多种IT审核解决方案带来的繁复。

混合环境审核

获得混合Microsoft环境的单一关联视图,以及对所有更改的可见性,无论更改位于内部部署还是在云环境中。

直观显示

跟踪用户和管理员的活动并提供更改活动的详细信息,以及所有更改的原始值和当前值。

托管控制板

On Demand Audit(具有灵活搜索和数据可视化的SaaS控制板)中查看混合AD和Office 365活动。

黄金票据检测

检测在黄金票据/票据传递攻击期间使用的常见Kerberos身份验证漏洞,并发出相应警报。

对象保护

防止更改AD、Exchange和Windows文件服务器(包括特权组、GPO和敏感邮箱)中的关键数据。

随时随地获得实时警报

向电子邮件地址和移动设备发送关键更改和模式警报,让您即便不在现场也能收到有关立即采取措施的提醒。

SIEM集成

与SIEM解决方案相集成,将Change Auditor事件转发到Splunk、Arcsight或QRadar。

可直接呈递审核员的报告

生成全面的报告以符合法律合规性要求(如GDPR、SOX、PCI-DSS、HIPAA、FISMA、GLBA等)。

On Demand Audit Hybrid Suite for Office 365

只需点击几下,即可将Change Auditor for Active Directory和Change Auditor for Logon Activity与On Demand Audit配对,以获得AD、Azure AD、Exchange Online、SharePoint Online、OneDrive for Business和Teams中所有更改的单一托管视图。 通过响应快速的搜索和交互式数据可视化简化调查,并可将审核历史记录保留长达10年。

了解如何升级

功能

帐户锁定

捕获造成帐户锁定事件的原始IP地址/工作站名称,从而简化故障排除过程。

相关搜索

只需单击一下,便可立即访问关于您所查看更改的所有信息以及所有相关事件(例如来自特定用户和工作站的其他更改),从而消除额外的不确定因素和未知安全隐患。

增强安全洞察

将大量系统和设备中的不同IT数据关联到IT Security Search(一种交互搜索引擎)中,以加快安全事件响应和取证分析速度。 通过丰富的可视化和事件时间表囊括用户授权和活动、事件趋势、可疑模式等。

Quest InTrust集成

Quest InTrust相集成,实现20:1的压缩事件存储和集中化的原生或第三方日志收集,进行解析和分析并对可疑事件(例如已知勒索软件攻击或可疑PowerShell命令)发出警报和自动执行响应操作。

出色的审核引擎

消除审核限制并捕获更改信息,而无需使用原生审核日志,从而可以更快速地生成结果并节约大量存储资源。

安全性时间表

查看、突出显示和筛选Microsoft环境中随时间推移顺次发生的更改事件并发现它们与其他安全事件之间的关系,从而更好地进行取证分析和做出安全事件响应。

平台

Learn about Change Auditor for Active Directory 04:07
了解Change Auditor for Active Directory

Active Directory

Change Auditor for Active DirectoryChange Auditor for Logon Activity可通过跨混合AD环境的单一关联视图主动检测Microsoft Active Directory和Azure AD中的重要事件并发出相应警报。 跟踪Kerberos和NTLM身份验证,以帮助前瞻性地发现漏洞。

On Demand Audit product overview 07:06
产品演示:了解On Demand Audit

Azure AD和Office 365

只需点击几下,即可将Change Auditor for Active Directory和On Demand Audit配对,以获得AD、Azure AD、Exchange Online、SharePoint Online和OneDrive for Business中所有更改的单一托管视图。

Learn about Change Auditor for Exchange 04:02
了解Change Auditor for Exchange

Exchange

Change Auditor for Exchange可简化Exchange审核过程。 在单一关联视图中实时跟踪、审核、报告Microsoft Exchange内部部署环境和Exchange Online更改,并发出相应警报。

Overview of Change Auditor for Windows File Servers 03:52
产品演示:Change Auditor for Windows File Servers

Windows Server

Change Auditor for Windows File Servers可帮助您采用经济实惠的方式,高效地控制和审核对Microsoft Windows Server的更改。 它可以实时主动跟踪、审核、报告重要更改(包括用户和管理员帐户)并发出警报,而无需承担原生审核的额外负担。

Overview of Change Auditor for SQL Server 04:06
产品演示:Change Auditor for SQL Server

SQL Server

Change Auditor for SQL Server可让您轻松安全地对Microsoft SQL Server执行数据库审核。 它可实时跟踪、审核、报告更改并发出相应警报,将各种事件转换为简单的术语,因而消除了审核所需的时间和复杂性。

How to audit file activity in Change Auditor for NetApp 05:04
产品演示:Change Auditor for NetApp

网络连接存储

通过对所有更改进行实时跟踪、审核、报告并发出相应警报,确保文件、文件夹和共享的安全性、合规性和操控性。 利用Change Auditor for NetApp、Change Auditor for EMC或Change Auditor for FluidFS,您可以报告和分析事件及更改,消除了原生审核所需的复杂性和时间。

Overview of Change Auditor for SharePoint 03:26

SharePoint和OneDrive for Business

Change Auditor for SharePoint可以更快速、更轻松和更安全地对SharePoint、SharePoint Online和OneDrive for Business进行审核。 它可将事件转换为简单术语,将数据存储在单个集中式安全数据库中,并且实时跟踪、审核、报告对以下方面的重要更改并发出相应警报:

  • SharePoint场、服务器、站点、用户、权限等
  • OneDrive for Business内部和外部的文件和文件夹活动以及敏感数据移动
How to audit changes to Skype in Change Auditor for Skype for Business 04:18

Skype for Business

Change Auditor for Skype for Business可以提供整个企业范围的信息,让您能够了解Skype for Business的配置和实施情况,以便采取前瞻性的管理方法。 实时获得有关管理员活动、安全性和配置更改的警报和报告。

VMware

VMware

Change Auditor for VMware vCenter可以帮助您确保事件活动的安全性、合规性和对事件活动的控制力,以及VMware vCenter Server的安全性。 它可以实时管理、审核和报告平台的所有更改并发出相应警报,从而轻松执行VMware监控。

荣获2018年Stevie Awards美国人民选择奖

荣获2018年Stevie Awards美国人民选择奖

在2018年Stevie Award美国人民选择奖的角逐中,Change Auditor得票最多,荣获最佳软件奖,此外,还获得2018年最佳新产品银奖。

资源

Top 10 Active Directory Security Reports and Alerts You Need
白皮书
Top 10 Active Directory Security Reports and Alerts You Need
Top 10 Active Directory Security Reports and Alerts You Need
Check out this white paper to discover the top 10 reports and alerts you need to ensure the stability and security of your on-prem or hybrid Active Directory, and see how easily you can get them with Change Auditor.
阅读白皮书
Five Ways to Improve Auditing of Your Hybrid Active Directory
白皮书
Five Ways to Improve Auditing of Your Hybrid Active Directory
Five Ways to Improve Auditing of Your Hybrid Active Directory
Discover just five of the ways On Demand Audit Hybrid Suite for Office 365 helps you secure your hybrid AD environment.
阅读白皮书
How to integrate Change Auditor with On Demand Audit
How to integrate Change Auditor with On Demand Audit

04:58

視頻
How to integrate Change Auditor with On Demand Audit
Learn how to integrate Change Auditor with On Demand Audit from Quest.
观看视频
What is Quest Change Auditor and how does it compare to and complement Microsoft ATP and third-party SIEM solutions?
What is Quest Change Auditor and how does it compare to and complement Microsoft ATP and third-party SIEM solutions?

14:10

視頻
What is Quest Change Auditor and how does it compare to and complement Microsoft ATP and third-party SIEM solutions?
Hear Quest product experts, Ghazwan Khairi, Bryan Patton and Robert Tovar discuss the real-time security and IT auditing of Change Auditor and how it compares to and integrates with SIEM solutions and Microsoft Advanced Threat Protection.
观看视频
Overcoming Office 365 Security & Compliance Auditing Challenges
白皮书
Overcoming Office 365 Security & Compliance Auditing Challenges
Overcoming Office 365 Security & Compliance Auditing Challenges
Commercial use of Office 365 has skyrocketed in recent years — but most organizations admit they still lack the mature audit capabilities they need to ensure security and regulatory compliance in the Microsoft cloud. It’s easy to see why. Getting a solid understanding of what's going on
阅读白皮书
Retailer Ensures PCI DSS Compliance
案例分析
Retailer Ensures PCI DSS Compliance
Retailer Ensures PCI DSS Compliance
Any retailer that wants to continue accepting credit cards needs to maintain compliance with PCI DSS standards — and prove it during annual audits. One of the PCI DSS requirements can be particularly tough to meet: storing a whole year’s worth of audit data. Discover how one large retail
阅读案例分析
Manufacturer ensures security and GDPR compliance
案例分析
Manufacturer ensures security and GDPR compliance
Manufacturer ensures security and GDPR compliance
To continue to thrive in its competitive market, Beltrame Group had modernized its IT environment, with help from Quest migration tools. But the IT team lacked the deep visibility required to properly manage and secure their new hybrid ecosystem. Now, with Change Auditor solutions for Active Directo
阅读案例分析
零售商确保PCI DSS合规性
案例分析
零售商确保PCI DSS合规性
零售商确保PCI DSS合规性
“为实现PCI DSS合规性,我们需要打开所有本地日志记录并为审核员提供过去一年的完整日志… 倘若没有InTrust,我们的空间恐怕早已耗尽。”大型零售连锁店企业管理员任何想要继续接受信用卡的零售商都需要遵守PCI DSS标准 — 并在年度审核期间予以证明。有一项PCI DSS要求可能特别难以满足:存储一整年的审核数据。了解一家大型零售商如何轻松顺利通过PCI DSS审核。依托Quest InTrust,该公司从百余个位置收集数百GB的数据并经济高效地存储数年 — 同时为审核和调查保留轻松、安全的访问。与此同时,Quest的Chan
阅读案例分析

博客

Workforce and IT Refresher Tips to Avoid COVID-19 Phishing Attempts

Workforce and IT Refresher Tips to Avoid COVID-19 Phishing Attempts

“Let no crisis go to waste.” This is the new mantra of every cyber criminal in the age of COVID-19. Around the globe, organizations are seeing an increase in phishing attempts that exploit our fear and desire for coronavirus information, ...

The Many Colors of AD Security – Microsoft Red Forest, Orange Forest, Greenfield or Blue?

The Many Colors of AD Security – Microsoft Red Forest, Orange Forest, Greenfield or Blue?

Discover the different models of Active Directory (AD) security, including the Red and Orange Forest models, Greenfield migrations, and Blue Team.

Top 10 Security Events to Monitor in Azure AD and Office 365 – [New eBook]

Top 10 Security Events to Monitor in Azure AD and Office 365 – [New eBook]

Learn about 10 places in your cloud environment that log important audit events. See how native tools fall short of ensuring your auditing compliance.