- Need a quick and easy way to provide monitoring of when new user accounts are created in your AD forest and domains?
- Need an easy way to know when a user becomes a member of the administrator groups?
- Want a powerful, flexible and effective tool for knowing what is running on your AD servers and when new code gets executed on these critical devices?
If you answered yes to any of these questions, read on.
HoneyPoint Wasp, a bleeding edge tool for anomaly detection on Windows Desktops and Servers has just been enhanced with the current release to extend these types of coverage (and more) to Windows 2003 & 2008 servers running an AD context of Primary Domain Controller & Backup Domain Controller. Yes, our customers have been asking for it, and we listened. Now, with a simple, no signature/no tuning/0-interface deployment, you can get centralized monitoring and visibility over your critical AD identity store. You can know what is running on these essential servers all of the time and when new users are created or promoted to administrative status.
Attackers commonly infect AD components as they move through the enterprise, often adding and promoting users as they go. In most incidents we have worked over the last several years, these changes have usually gone unnoticed until it was too late. That’s exactly why we built HoneyPoint in general and Wasp in particular, to answer this dire need and to help turn the tide against malware-based compromises.
Want to discuss how Wasp fits in your organization? Simply drop us a line at: (firstname.lastname@example.org) (remove the numbers/spam protection), or give us a call at 614-351-1237 to discuss it with your account rep. Wasp is powerful, yet easy to use, detection and with it in your corner, “Attackers Get Stung, Instead of YOU.”
Thanks for reading and stay safe out there!