Quest’s latest innovations in modernization, migration, ITDR & disaster recovery

As noted in our previous blog post, Quest was right there with Microsoft for the birth of Active Directory more than 25 years ago. Ever since, we’ve been constantly innovating to deliver solutions that empower organizations in areas like cybersecurity, hybrid identity modernization, identity threat detection and response (ITDR), and disaster recovery.

We’re eager to share those innovations with you in the Quest blog. Each quarter, we’ll be providing a roundup of the latest capabilities and enhancements. In this inaugural edition, we’re excited to discuss our recent advancements that are either generally available or coming very soon in the following areas:

  • Zero impact modernization
  • Outcome-driven migrations
  • Identity threat prevention, detection, and response
  • Secure and flexible disaster recovery

Zero impact modernization

Quest has long been the leader in Microsoft migration, and we’re continuing to simplify the process of moving identities, data and devices to make the process seamless and pain-free for IT teams and end users alike. Here are the latest improvements to know about:

  • AD Modernization Report Pack — Enterprise Reporter will soon add a convenient set of more than two dozen reports designed specifically to identify vulnerabilities in Active Directory and help you improve your security posture.
  • Self-service device migration portal — If the IT team migrates a user’s device at the wrong time, the result can be anything from a minor inconvenience to a critical deadline being missed. Scheduled for end of May release, On Demand Migration will solve this issue by empowering users to manage their own device migrations on their own timelines. It’s a win-win that minimizes operational disruptions and reduces IT team workload.
  • Application Migration Assessment service — Getting your application migration right is vital to controlling costs and minimizing security risks. Effective planning is more complex than it might seem, so Quest now offers a comprehensive Application Migration Assessment service. You’ll get detailed insight into what applications you have, where they are running in your environment, and how they interact with each other and your infrastructure, along with clear recommendations for what to do with each application: rehome it to the target Active Directory forest, rehome it to Azure, re-platform it or retire it. 
  • Support for sensitivity labels — Applying sensitivity labels to files, emails and other content is becoming an increasingly common method for protecting sensitive data and ensuring compliance with information protection policies. Understanding how Copilot for Microsoft 365 works with sensitivity labels is also essential to ensure that AI cannot access company data that should not be accessed. On Demand Migration now supports the migration of content that has sensitivity labels and encryption: During your migration project, those labels and encryption will be reapplied in the target tenant to ensure that users retain access to their data. This feature is available for content stored in Exchange Online, OneDrive and SharePoint Online.

Outcome-driven migrations

The Quest team has also developed a number of innovations to make migrations both easier and more secure:

  • AI-powered assistant for Active Directory migrations — Migrations are complex endeavors, so issues are inevitable. But pinpointing the problem and figuring out a solution no longer requires painstaking manual analysis of migration logs and knowledge base articles. On Demand Migration uses AI to automatically surface critical insights and provide actionable recommendations, speeding issue resolution and freeing up migration experts to focus on more strategic tasks.
  • Streamlined SharePoint migrations — The Quest R&D and product teams have enhanced the On Demand Migration platform more broadly as well, making it more robust, user-friendly and aligned with customer needs. Here’s one measure of the success of our efforts: A Quest partner who had previously expressed frustration with SharePoint migrations has now registered three new deals for SharePoint migrations using On Demand Migration.
  • Least-privilege permissions for SharePoint and Exchange Online migrations — Migration tools traditionally required full tenant access, which increases security risks. As organizations prioritize security and compliance, Microsoft introduced Sites.Selected and RBAC for Applications permissions, which enable granting scoped access rights to specific SharePoint sites and Exchange Online mailboxes. Quest On Demand Migration now supports these permissions, providing a safer, more controlled way to manage migrations while minimizing security vulnerabilities.

Identity threat prevention, detection and response

Quest is also driving the next evolution of ITDR with valuable updates to Security Guardian and Enterprise Reporter.

Security Guardian enhancements

Security Guardian is a cutting-edge SaaS security solution designed to significantly reduce the attack surface of hybrid Active Directory environments and accelerate response to active threats. Later this quarter, we’re delighted to release three vital new capabilities:

  • Shields Up — Too many organizations still rely on after-the-fact alerts, which leave them vulnerable to threats that move too fast for manual intervention. Security Guardian Shields Up closes this critical gap by enabling you to temporarily prevent any changes to your Tier 0 objects. As a result, you can block attackers from achieving their key goals of privilege escalation, lateral movement and persistence.
  • AI assistant — Security Guardian also now features AI-driven security analysis that provides clear, actionable insights, enabling proactive threat management.
  • Hybrid Audit — This new solution is designed for Change Auditor customers eager to streamline their transition to the cloud. It maintains all the key benefits you love about Change Auditor while adding valuable capabilities such as an intuitive user interface, deep visibility into both directory changes and authentication events, advanced search, simplified management, enhanced performance (even with huge datasets), and reduced IT overhead by eliminating the need to maintain an on-premises SQL database.

Enterprise Reporter enhancements

The latest version of Enterprise Reporter will also include significant updates. To stay on top of the newest technology advancements, it features support for Windows 2025 and the latest security protocols, including TLS 1.3.

In addition, the release adds full support for environments where NTLM authentication is disabled. Microsoft is urging customers to eliminate this old authentication protocol because of its many vulnerabilities, and Quest is in full agreement. The new support for Kerberos-only environments enhances the security of Enterprise Reporter and helps improve supply chain security.

Secure disaster recovery with launch of Disaster Recovery for Identity

In addition to a robust threat prevention, detection and response strategy, every organization today needs to ensure it can recover quickly from incidents, from deliberate attacks to issues like IT admin errors, power outages and equipment failures. SaaS-based disaster recovery for Active Directory is vital to slashing the soaring cost of downtime.

Accordingly, we’re proud to introduce the latest solution in the Quest unified security and modernization platform: Disaster Recovery for Identity. This SaaS solution enables you to recover 90% faster than traditional enterprise backup & recovery tools. As a result, you can save millions in downtime costs, as well as eliminate the ongoing expense of hosting and managing an on-prem application.

Stay tuned!

Quest has more than 300 people across R&D today — almost as many people as other vendors have total employees. So don’t be surprised when next quarter’s update reveals another large set of valuable innovations for modernizing and securing your hybrid and cloud identities.

Blog Post CTA Image

Related Content