Lepide Auditor for

Active Directory auditing tool to monitor, audit, and report changes. Identify risk, monitor common attack paths, and detect attacks in real time.

x
Or Deploy With Our Virtual Appliance

Thousands of companies use Lepide to audit Active Directory, protect their data and detect threats

Thousands of Companies Use Lepide to Protect Their Data and Detect Threats

Video Thumb

Active Directory Auditing Software

Lepide Auditor for Active Directory provides a scalable means of auditing changes made to configurations and permissions. We provide answers to the important “who, what, where, and when” Active Directory auditing questions to help you bolster security, speed up investigations, mitigate the risks of privilege abuse and meet compliance requirements.

Analyze Risk to Active Directory Analyze Risk to Active Directory

Intuitive, customizable dashboards help you get critical audit information with regards to the risk to Active Directory. A Live feed of changes helps you stay on top of this risk.

Detect Threats to Active Directory Detect Threats to Active Directory

The majority of security threats originate with AD. Detailed, real-time Active Directory auditing, combined with machine learning anomaly spotting, helps you detect these risks faster.

Monitor Common Attack Paths Monitor Common Attack Paths

Keep an eye on what your most high-risk users are doing in your Active Directory, and spot changes in user behavior that could indicate ransomware, brute force attacks, privilege abuse and more.

Visualize Your Domain Visualize Your Domain

Analyze the effective permissions of your users and spot permission changes that might lead to excessive access to sensitive data.

Investigate Security Incidents Investigate Security Incidents

Detailed Active Directory audit logs give you the critical information and context you need in a single pane of glass to streamline your investigations.

Achieve and Maintain Compliance Achieve and Maintain Compliance

Generate pre-defined Active Directory audit reports that are mapped to specific compliance regulations, including GDPR, HIPAA, PCI, CCPA and more.

How to Use Lepide to Monitor and Audit Active Directory Changes for Better Security and Compliance

Bird’s Eye View of All Risks to Active Directory Security

Our risk assessment dashboards give you all the critical audit information you need about the state of your Active Directory Security.

Easily audit Active Directory permissions and configurations changes and spot potentially dangerous security states that need immediate attention.

AD risk assessment dashboards
Easily Audit the Structure of Your Active Directory

Active Directory structures can become complex and difficult to understand as an organization grows and evolves. Attackers can easily exploit a lack of visibility over this structure. Lepide gives you the ability to easily see who has what levels of access in Active Directory and how they got them so that you can easily visualize your AD structure.

Audit the Structure of Your Active Directory
Add More Intelligence to Your Active Directory Auditing

Machine learning backed behavior analytics learns what the normal behavior of your Active Directory users looks like and will alert you when anomalies are detected.

Audit and reverse Active Directory permission changes so that you can maintain a policy of least privilege and better govern access to datagovern access to data.

Automated responses can be triggered from real time alerts to help mitigate potential Active Directory threats and attacks.

Active Directory auditing tool
Granular Active Directory Audit Reports for Changes

We offer a single log for a single change displaying who, what, where and when the changes are made. We then provide this data to you through more than 100 relevant AD audit reports to help you address all manner of compliance, security, and IT operations challenges. Each report can be further customized with advanced filtration, searching, sorting, and other auditing functions. These Active Directory audit reports can also be shared with other users through a secure web console. Read more

Active Directory auditing reports
Audit Logon Activity and Spot Anomalies

Strange logon/logoff activity, such as users logging on out of office hours, or multiple failed logons in a short space of time, can be the signs of a potential threat. Auditing logon/logoff details for all users from the Event Viewer is like looking for a needle in a haystack. Our Active Directory auditing tool simplifies this search with simple yet detailed Active Directory auditing reports on failed logon events, concurrent logon sessions, and users logged on to multiple computers. Our AD auditing tool also sends real-time and threshold-based alerts for successful user logon or logoff and can spot anomalies in logon/logoff behavior.

Audit AD logon activities
Get Active Directory Objects’ State Reports

Our AD auditing tool periodically captures backup snapshots of Active Directory objects and saves their state. You can use these snapshots to generate historical reports on the state of users, groups, computers, and organizational units (the four important objects) at any given point in time. It gives you a clear picture of exactly when any of these objects were created or modified and what it’s properties are.

Active Directory state reports

What We Audit in Active Directory

Audit Active Directory Object Modification

Whenever an object created, deleted or modified in Active Directory, our Active Directory auditing tool will generate a report, providing all details about the particular object that has been created, modified or deleted and a real time alert can be sent if required. In this report, you will be able to see who created, deleted or modified the object, the object path, class, when it was created, modified or deleted and from where, all in one easy to read report.

AD auditing tool
Account Lockout Analysis

In any IT environment, it is advised that you lock accounts that are inactive for a long period of time or on which suspicious activities were taking place. However, locking an Active Directory user account can impact other activities linked to that account, which could be a mess left to the IT team to clean up. Lepide’s Active Directory Auditing tool comes helps you better handle user account lockouts, by auditing the account lockouts and providing the option to unlock or reset their passwords. You can also investigate which tasks, services, or processes will be impacted because of this account lockout.

AD account lockout analysis
Audit Active Directory Security Settings

Our AD Audit software offers you dedicated reports to help keep track of the security settings of Active Directory objects. In addition to permissions, you can also compare audit settings, and ownership of an object between intervals. You have the option to track all changes made in audit settings and object ownership, and also view them on any particular date. Our solution lets you search for an object in the audit entries or see a list of owners of a selected object.

Active Directory audit software
Restore Deleted Objects and Rollback Unwanted Changes

From time to time, a user account may be modified in error or a Junior Administrator may accidentally delete an OU. Our rollback feature enables you to reverse changes made in a single click. It restores everything to exactly as it was before the change – including group memberships, attributes, permissions and more. Read more

Rollback Active Directory changes
Audit Active Directory Group Membership Changes

Lepide’s Active Directory audit software helps overcome the limitations of native Active Directory auditing by showing all group membership changes over a given period in a single “Group Modifications” report. You can see the answers to the “who, what, where and when” Active Directory auditing questions in one, easy-to-read place.

Audit Active Directory Group Membership Changes
Audit Privileged User Activities

Lepide Active Directory Auditor lets you track the members of administrative groups in Active Directory to give you a clear picture of the privileged users. Our solution also offers a way to track all activities of Active Directory privileged users and sends real-time or threshold-based alerts for any critical change made by a privileged user account.

Audit Privileged User Activities

Our Success Stories

Western Connecticut Health Network

Lepide is straightforward to use and effective right off the bat. Plus, the level of patience, attentiveness and technical knowhow is far beyond most support and sales teams I’ve seen before.

Ratings Drayke Jackson Security Engineer Drayke Jackson
Edinburgh Napier University

We chose Lepide as they were able to offer us threat detection and response, and a way of separating out reporting duties to a web console – all from one platform.

Ratings Kevin Gallagher Senior Systems Administrator Kevin Gallagher
City of
Danville

Lepide is a perfect fit for our IT Security and Compliance requirements. It helps us cut out a lot of wasted time and money and now we know we can be compliant with industry standards.

Ratings Agnel Dsilva Information Technology Administrator Agnel Dsilva
FAQs

Lepide’s Active Directory Auditing tool enables you to audit all critical Active Directory changes, including which users can create, manage or delete domain controllers, user and computer accounts, security groups, organizational units, trust relationships, administrative workstations and more.

Lepide also enables you to audit changes to configurations and permissions that could result in users with excessive privileges. This is critical when implementing a policy of least privilege.

Lepide’s Active Directory auditing tool enables you to generate a list of users with privileged access, such as members of administrative groups, and shows you how these users gained that level of access. If any new privileged users are created, Lepide will send a real time alert and enable you to reverse the change if required. Lepide can also generate real time or threshold-based alerts for whenever changes are made by privileged users to your sensitive data or infrastructure.
Absolutely, Lepide can generate a list of the privileged security groups in your Active Directory and show you which users are members of these groups. You can delve into the members of these groups to determine what changes they are making to sensitive data. You can also audit historic permission changes and compare between two dates to see how your Active Directory security groups have changed.
Our AD auditing tool gives you the ability to accurately determine effective permissions in Active Directory and improve the way you govern access to your data. This ability is all you need to effectively deny attackers the access they need to use the DCSync feature of Mimikatz and other similar attack tools. Specifically, you can use Lepide to determine which of your users has the Get Replication Changes All extended right effectively granted on the domain root object.
Absolutely, Group Policy is a vital part of our Active Directory auditing software. Any changes to Group Policy settings could put your sensitive data at risk. Lepide’s Active Directory auditing software has in-built group policy reporting and auditing tools to help you audit critical changes to Group Policy, including the vital “who, what, when, where” auditing information.
Lepide’s AD auditing software enables you to roll back Active Directory and Group Policy changes using backup snapshots. Lepide also allows you to recover and restore Active Directory and Group Policy objects from Tombstone or Logically Deleted states.
Ongoing, continuous Active Directory auditing, especially where permissions and configurations changes are concerned, will help you spot a variety of threats to your AD security, including insider threats, ransomware, privilege abuse and more. Lepide’s Active Directory auditing tool comes with in-built security threat models to help simplify threat detection and response.
Building active directory audit reports can be a time consuming and difficult process. Lepide Active Directory audit software comes with hundreds of in-built reports to simplify your active directory audits, including Active Directory modification reports, Active Directory state reports, Active Directory Organizational Units reports, User reports, Group reports, User Password Expiration Reminders and more.