Features

Hybrid environment auditing with a correlated view
Get a single, correlated view of activity across your hybrid Microsoft environments, ensuring visibility to all changes taking place, whether on premises or in the cloud. Audit hybrid environments and data including:

• AD and Azure AD users, groups, roles, identities and more

• Exchange and Exchange Online mailbox logins/activity, non-owner mailbox access, distribution groups and more

• SharePoint / SharePoint Online / OneDrive for Business files, folders, and more

• And AD logons and Azure AD sign-ins

Hosted dashboard
View hybrid AD and Office 365 activity together in On Demand Audit, a SaaS dashboard with flexible search and data visualisation.

Golden Ticket detection
Detect and alert on common Kerberos authentication vulnerabilities used during Golden Ticket / Pass-the-ticket attacks.

Change prevention
Protect against changes to critical data within AD, Exchange and Windows file servers, including privileged groups, Group Policy objects and sensitive mailboxes.

Auditor-ready reporting
Generate comprehensive reports for security best practices and regulatory compliance mandates, including SOX, PCI-DSS, HIPAA, FISMA, GLBA and more.

Improved insights with IT Security Search
Correlate disparate IT data from numerous systems and devices into an interactive search engine for fast security incident response and forensic analysis. Include user entitlements and activity, event trends, suspicious patterns and more with rich visualisations and event timelines.

Simplified investigations
Capture the originating IP address and workstation name for account lockout events, and view related logon and access attempts in an interactive timeline. This helps simplify detection and investigation of internal and external security threats.

High-performance auditing engine
Remove auditing limitations and capture access and security events without the need for native audit logs, resulting in faster results and incident response.

Security timelines
View, highlight and filter change events and discover their relation to other security events in chronological order across your AD and Microsoft platforms for better forensic analysis and security incident response.

Related searches
Get one-click, instant access to information on the change you’re viewing and all related events, such as what other access attempts were made by specific users, and when and where they were logged in. This simplifies the investigation of insider threats.

SIEM integration
Integrate with SIEM solutions to forward Change Auditor events to Splunk, ArcSight or QRadar.

Real-time alerts on the move
Receive critical change and pattern alerts to email and mobile devices to prompt immediate action, enabling you to respond faster to threats even while you’re not on site.

Role-based access
Configure access so auditors can run searches and reports without making any configuration changes to the application, and without requiring the assistance and time of IT administrators.

Web-based access with dashboard reporting
Search security and access events from anywhere using a web browser and create targeted dashboards to provide upper management and auditors with access to the information they need without having to understand architectures.

Product Brochures

• Change auditor for exchange datasheet

• Change auditor for logon activity datasheet

• Change auditor for netapp datasheet

• Change auditor for sharepoint datasheet

• Change auditor for skype for business datasheet

• Change auditor for sql server datasheet

• Change auditor for vmware vcenter datasheet

• Change auditor for windows file servers datasheet

• On demand audit hybrid suite for office365 datasheet

• Change auditor family datasheet

• Change auditor for active directory datasheet

• Change auditor for emc datasheet