Demo  Get Quote
 
 
 

Access to admin credentials got you worried about security?

With ADAudit Plus' LAPS event log auditing, continuously keep track of who is viewing or modifying local admin credentials.

ADAudit Plus' LAPS audit tool provides information on:

  • Users who have viewed passwords.
  • Users who have modified a password's expiration time and date.

    Usually, the LAPS changes passwords automatically on a frequent basis. ADAudit Plus notifies administrators when password expiration dates are extended due to the event's contentious nature.

LAPS Password Read Audit
LAPS Password Expiry Change Audit

Local administrator accounts have full access to the machine they are located on, and can assign rights and permissions to users as necessary. But, managing local administrative accounts has always been a problem. In the past, using a common username and password to simplify access for help desk admins was standard practice. This left systems vulnerable to attacks, including pass the hash attacks that obtain clear text passwords without the use of brute force. 

The Local Administrator Password Solution (LAPS) can help mitigate attacks and also act as a central repository of local administrator passwords in Active Directory, without the need for additional software applications or special hardware. LAPS uses group policy client-side extensions that generate random passwords for every member on the domain. It also automatically generates new passwords upon expiration, which are stored in a secure attribute inside the computer's Active Directory computer account. A domain administrator can then allow a preferred set of users to read these passwords using their own AD credentials.

Since LAPS contains domain-wide, local administrator security information, it is essential to monitor and audit LAPS.

ADAudit Plus' advantage over native auditing tools.

Top-notch search and parse capabilities.

Leverage technology for improved performance.

Seamless SIEM integrations.

Integrate directly with popular SIEM tools.

User behavior analytics.

Leverage advanced statistical analysis and machine learning techniques to detect anomalous behavior.

Out-of-the-box compliance reports.

Meet various compliance standards, such as SOX, HIPAA, PCI, FISMA and GLBA.

Data archiving.

Plan resource capacity by studying resource utilization patterns over time.

Comprehensive search.

Search across all reports, AD Objects, configuration pages, and help docs.

4 compelling reasons to choose ADAudit Plus

Widely recognized

ADAudit Plus has been recognized as a Gartner Peer Insights Customers' Choice for Security Incident & Event Management (SIEM) for four consecutive years.

Easy deployment

Go from downloading ADAudit Plus to receiving predefined reports and alerts in under 30 minutes, without any professional help.

Competitive pricing

ADAudit Plus is licensed per-server, unlike other IT auditors which are licensed per-user. With per-server licensing, even with a growing number of users each year, you can continue to ingest log data without additional costs.

Unified visibility

ADAudit Plus consolidates auditing, security, and compliance across Active Directory, Entra ID, Windows servers, workstations, and file servers into a single pane of glass, eliminating the need to juggle multiple tools.