Real-time security and IT auditing for your Microsoft Windows environment

Change reporting and access logging for Active Directory (AD) and enterprise applications is cumbersome, time-consuming and, in some cases, impossible using native IT auditing tools. This often results in data breaches and insider threats to AD and other Microsoft platforms, and can go undetected without protections in place.

Fortunately, there’s Change Auditor. With Change Auditor, you get complete, real-time IT auditing, in-depth forensics and comprehensive security monitoring on all key configuration, user and administrator changes for Microsoft Active Directory, Azure AD, Exchange, Office 365, Exchange Online, file servers and more. Change Auditor also tracks detailed user activity for logons, authentications and other key services across enterprises to enhance threat detection and security monitoring. A central console eliminates the need and complexity for multiple IT audit solutions.


Hybrid environment auditing with a correlated view
Get a single, correlated view of activity across your hybrid Microsoft environments, ensuring visibility to all changes taking place, whether on premises or in the cloud. Audit hybrid environments and data including:

  • AD and Azure AD users, groups, roles, identities and more

  • Exchange and Exchange Online mailbox logins/activity, non-owner mailbox access, distribution groups and more

  • SharePoint / SharePoint Online / OneDrive for Business files, folders, and more

  • And AD logons and Azure AD sign-ins

Hosted dashboard
View hybrid AD and Office 365 activity together in On Demand Audit, a SaaS dashboard with flexible search and data visualisation.

Golden Ticket detection
Detect and alert on common Kerberos authentication vulnerabilities used during Golden Ticket / Pass-the-ticket attacks.

Change prevention
Protect against changes to critical data within AD, Exchange and Windows file servers, including privileged groups, Group Policy objects and sensitive mailboxes.

Auditor-ready reporting
Generate comprehensive reports for security best practices and regulatory compliance mandates, including SOX, PCI-DSS, HIPAA, FISMA, GLBA and more.

Improved insights with IT Security Search
Correlate disparate IT data from numerous systems and devices into an interactive search engine for fast security incident response and forensic analysis. Include user entitlements and activity, event trends, suspicious patterns and more with rich visualisations and event timelines.

Simplified investigations
Capture the originating IP address and workstation name for account lockout events, and view related logon and access attempts in an interactive timeline. This helps simplify detection and investigation of internal and external security threats.

High-performance auditing engine
Remove auditing limitations and capture access and security events without the need for native audit logs, resulting in faster results and incident response.

Security timelines
View, highlight and filter change events and discover their relation to other security events in chronological order across your AD and Microsoft platforms for better forensic analysis and security incident response.

Related searches
Get one-click, instant access to information on the change you’re viewing and all related events, such as what other access attempts were made by specific users, and when and where they were logged in. This simplifies the investigation of insider threats.

SIEM integration
Integrate with SIEM solutions to forward Change Auditor events to Splunk, ArcSight or QRadar.

Real-time alerts on the move
Receive critical change and pattern alerts to email and mobile devices to prompt immediate action, enabling you to respond faster to threats even while you’re not on site.

Role-based access
Configure access so auditors can run searches and reports without making any configuration changes to the application, and without requiring the assistance and time of IT administrators.

Web-based access with dashboard reporting
Search security and access events from anywhere using a web browser and create targeted dashboards to provide upper management and auditors with access to the information they need without having to understand architectures.


Change auditor for exchange datasheet
Change auditor for logon activity datasheet
Change auditor for netapp datasheet
Change auditor for sharepoint datasheet
Change auditor for skype for business datasheet
Change auditor for sql server datasheet
Change auditor for vmware vcenter datasheet
Change auditor for windows file servers datasheet
On demand audit hybrid suite for office365 datasheet
Change auditor family datasheet
Change auditor for active directory datasheet
Change auditor for emc datasheet