Netwrix Auditor for Azure Active Directory
Overview
Get actionable audit data about all changes and logons in your Azure Active Directory. Netwrix Auditor for Azure AD enables you to quickly detect and investigate incidents that threaten your cloud security or could cause downtime.
Watch the Video
Features
Insightful change monitoring
Simplifies Azure AD auditing by delivering detailed information about all changes, including who made the change, the date and time it occurred, exactly what was changed, and the current and past values.
Detailed logon tracking
Facilitates Azure AD access control for security and compliance by pulling together user and admin sign-in logs and providing security reports on both successful and failed attempts to access your Azure AD and cloud applications.
Advanced Azure Active Directory reporting
Streamlines Azure AD activity monitoring with an overview dashboard and detailed scheduled and on-demand audit log reports that offer filtering, sorting and exporting options.
Alerts on threat patterns
Notifies you about critical Azure AD activity that puts your environment at risk, such as role changes or repeated failed logons, so you can respond to incidents in time to prevent real damage.
Behavior anomaly discovery
Improves detection of malicious insiders and compromised accounts by aggregating their anomalous activity in Azure Active Directory and other systems, both on premises and in the cloud.
Interactive search
Enables you to quickly sort through your audit data by fine-tuning your search criteria until you find the root cause of an issue or the answer to a specific question from a compliance auditor.
Streamlined compliance reporting
Slashes preparation time for compliance audits with predefined activity reports mapped to PCI DSS, HIPAA, GDPR, SOX, GLBA, FISMA/NIST, CJIS and other regulatory standards.
User Behavior and Blind Spot Analysis
Makes it easy to detect subtle indicators of threats in your Azure AD, such as unusual logons that might indicate account takeover or a disgruntled privileged user trying to hide behind temporary accounts.
Unified platform
Delivers visibility into Azure AD, Office 365, on-prem AD and other critical systems with a single unified platform. Brings more context to your SIEM data and centralizes monitoring of any enterprise application with a RESTful API.
