What is Health Technology? Definition, Benefits, Challenges
ManageEngine: Detecting indicators of compromise via Active Directory
Nearly all attacks require an identity to be compromised at some point. The majority of organisations store identities using Microsoft Active Directory to manage the users’ access rights and control the use of privilege. The use of identities can be traced via domain controllers, which authenticate users to access areas of IT infrastructure. Attackers will target these devices as they seek out data of value; however, their behaviour will differ from that of legitimate users, especially as they attempt to enhance their privilege. These anomalies can be detected with the right tools, enabling indicators of compromise to be identified at a critical stage.
In this podcast, Bob Tarzey speaks with Vivin Sathyan, Senior Security Expert at ManageEngine. Vivin identifies six key events that ManageEngine believes should be closely monitored. He also provides insight into how ADAudit Plus uses ML to improve its performance over time and how it works alongside SIEM tools. Also, Vivin explains the broad reach of ADAudit Plus to track the use of identities and file access. Finally, he looks at the potential for ADAudit Plus to track abuse of privilege.
Join 34,209 IT professionals who already have a head start
Recommended Content
Trending Content
Digital Transformation Week Unveils Keynote Topics: Empowering Enterprises with Real-World Insights
Generative AI and Deepfake Expert, Henry Ajder to discuss the impact of generative AI on cybersecurity at Infosecurity Europe 2024
Cisco Duo SMS Logs Exposed in Third-Party Data Breach