A common way attackers gain access to an organization's network is by breaking into an obsolete or stale account and using its privileges for infiltration. Having a proper Active Directory (AD) cleanup process in place can help seal this security loophole, but the real challenge is spotting which accounts need to be disabled or deleted.
Log360 speeds up AD cleanup by providing abundant information on the accounts in your AD environment. Once it's extracted information from your AD environment, Log360 consolidates all that data into graphical reports, making it easy for you to find the information you want. For instance, instead of going into each user's AD profile and checking whether they've been locked out recently, Log360 has a report that quickly shows you those accounts.
Log360 has more than 1,000 built-in reports, including one separate set that's just about accounts in your AD setup. Reports on inactive, disabled, and locked out users and computers can help you weed out accounts which are no longer required or whose logon activities indicate something fishy.
AD changes directly affect your organization's security, so you need some type of notification when accounts are created, deleted, or modified in another way. Log360's alerting module lets you configure alerts for the changes you think are important, and sends you an email and SMS as soon as these changes occur. Log360 can also automatically respond to specific alerts using preconfigured scripts, allowing you to quickly mitigate the damage caused by malicious activity.
Available Reports:
Inactive Users | Disabled Users | Locked out Users | Never Logged on Users | Recent Bad Logged on Users | Recently Created Users | Recently Deleted Users | Recently Created Groups | Recently Deleted Groups | Inactive Computers | Disabled Computers | Recently Created Computers | Recently Deleted Computers | Recently Created Contacts | Recently Deleted Contacts