Introducing ADAudit Plus' Attack Surface Analyzer—Detect 25+ AD attacks and identify risky Azure configurations. Learn more×
Phone Get Quote
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

Attack surface analyzer (ASA)

You cannot stop what you cannot see. ADAudit Plus' ASA provides visibility into AD attacks and risky Azure configurations, helping you mitigate threats that impact the security of your AD and cloud environments.

attack-surface-analyzer-trust-company-logos-24 attack-surface-analyzer-trust-company-logos-24

Over 280,000 organizations across 190 countries trust ManageEngine to manage their IT

25.6 B

Azure AD brute force authentication attacks were blocked in 2021. - Microsoft


of customers affected by security incidents had an insecure AD configuration. - Microsoft


Penetration testers breach AD almost 100% of the time. - Cyber Defense Magazine


Thank you

Thank you for your interest in ManageEngine ADAudit Plus. We have received your request for a personalized demo and will contact you shortly.

  • By clicking 'Submit' you agree to processing of personal data according to the Privacy Policy.
  • Threat features
  • Why choose ADAudit Plus
  • Get quote
  • About ADAudit Plus
  • FAQ

Highlights of ADAudit Plus' threat mitigation capabilities

  • Indicators of compromise (IoC)

    Detect 25+ AD attacks including credential access attacks like Kerberoasting, Golden Ticket, and DCSync; lateral movement attacks like pass-the-hash, pass-the-ticket, and ransomware; and privilege escalation attacks like RID hijacking.

    Indicators of compromise (IoC)
  • Indicators of exposure (IoE)

    Identify risky Azure configurations, like allowing public access to an Azure virtual machine, which exposes it to attacks like brute-force. Get step-by-step remediation guidance based on industry best practices like NIST.

    Indicators of exposure (IoE)
  • Network and process attacks

    Leverage the MITRE ATT&CK to spot 15+ network attacks and 20+ process attacks like Indirect Command Execution, where an adversary bypasses defense filters that restrict certain executables from running.

    Network and process attacks
  • UBA and risk assessment

    Leverage machine learning to get visibility into anomalous logon, user management, process, and file activities. Identify risks like a user exercising a privilege for the first time.

    UBA and risk assessment
  • Automated incident response

    Automate response actions like shutting down a device once an alert gets triggered. Auto-generate tickets in ServiceNow for critical activities like password resets and account lockouts.

    Automated incident response
  • AD backup and recovery

    Back up all AD objects including users, computers, groups, OUs, GPOs, and DNS. Restore all objects to any of their previous states when needed.

    AD backup and recovery
Indicators of compromise (IoC)
Indicators of exposure (IoE)
Network and process attacks
UBA and risk assessment
Automated incident response
AD backup and recovery

3 compelling reasons to choose ADAudit Plus

Widely recognized

ADAudit Plus has been recognized as a Gartner Peer Insights Customers’ Choice for Security Incident & Event Management (SIEM) for four consecutive years.

Easy deployment

Go from downloading ADAudit Plus to receiving predefined reports and alerts in under 30 minutes, without any professional help.

Competitive pricing

ADAudit Plus is licensed per-server, unlike other IT auditors which are licensed per-user. With per-server licensing, even with a growing number of users each year, you can continue to ingest log data without additional costs.

Find the perfect plan for your business

Annual price starts at $595
To assist your evaluation we offer:
  • 30-day fully functional free trial
  • No user limits
  • Free 24*5 tech support

Thank you!

Thank you for your interest in ManageEngine ADAudit Plus. We have received your request for a price quote and will contact you shortly.

  • Add-ons

    Track successful and failed file accesses, ownership changes, permission changes, and more in Windows file servers and failover clusters.
    Audit NAS devices:
    • NetApp
    • EMC
    • Synology
    • Hitachi
    • Huawei
    • Amazon FSx for Windows file servers
    • QNAP
    Audit Windows servers:
    • Local logon/logoff
    • File integrity
    • Printers
    • ADFS
    • LAPS
    • ADLDS
    Audit Workstations:
    • Employee Works Hours
    • Local Logon/Logoff
    • Local Account Management
    • Startup/Shutdown
    • File Integrity
    • System events
    • Removable Storage Auditing(USB)
    Audit Azure:
    • Hybrid AD
    • Sign-in activity
    • MFA usage
    • Application usage
    • Role and group changes
    • Device changes
    • Application changes
    • License changes
    AD Backup and Recovery add-on is licensed based on the number of enabled AD user objects. There are no restrictions on the number of Groups, Computers, OUs, or other AD objects that can be backed up using this add-on. Learn more
  • By clicking 'Get Price Quote', you agree to processing of personal data according to the Privacy Policy.

A 1-stop solution for all your
IT auditing, security, and compliance needs

ADAudit Plus equips you with capabilities—like change auditing, logon monitoring, lockout analysis, privileged user monitoring, file auditing, attack surface analysis, threat detection and response, compliance reporting, and more—across a wide variety of IT systems.

  • Active Directory  
  • Microsoft Entra ID  
  • Windows Server  
  • Azure files  
  • EMC storage  
  • Mac workstation  
  • Windows file server  
  • NetApp filer and cluster  
  • Windows workstation  
  • Huawei Oceanstor  
  • Synology file server  
  • QNAP file server  
  • Hitachi NAS  
  • Amazon FSx for Windows file server  

Frequently Asked Questions

How is ASA licensed?

ADAudit Plus' ASA feature is not licensed separately. ASA for AD is included in the AD (DC) license, while ASA for Azure is included in the Azure AD tenant license.

How do I configure ASA?

ASA for AD requires no configuration. ASA for Azure can be configured following the steps in this document.

How do I evaluate ASA?

To test ASA in your environment, you can download a fully-functional 30-day trial.

To have an expert take you through the features of ASA, you can schedule a personalized demo.

To see ASA in action directly from your browser, you can launch an instant demo. In the Demo page, click on Administrator Login, and navigate to Active Directory > Attack Surface Analyzer or Cloud Directory > Attack Surface Analyzer.

How is AD backup and recovery licensed?

The fully-functional AD backup and recovery feature is available as an add-on.

  Zoho Corporation Pvt. Ltd. All rights reserved

ADAudit Plus Trusted By