Active Directory Security Platform

Alsid for Active Directory (AD) continually anticipates, monitors, and secures directory infrastructures in real time, whether on-prem or in the cloud.

Alsid helps break the dynamic of most cyberattacks by continually protecting the most targeted entity, Active Directory. Despite being mature and widely used software, Active Directory’s security has been greatly underserved, if not forgotten, over the past twenty years.

Our flagship solution, Alsid for AD, takes a low-touch, no-nonsense approach to innovative AD security. Alsid for AD is the first proactive security platform solely dedicated to Active Directory, capable of identifying breaches, detecting real-world exploitation, and providing elaborate in-context remediation plans. As a modern solution, the non-intrusive platform offers users flexibility with easy, instant-on functionality applying standard-only protocols.

Offering real-time, continuous monitoring capabilities, the platform analyzes hundreds of weaknesses and misconfigurations to offer SIEM-precise and correlated information reducing investigation efforts. The platform hardens directory infrastructures, enriches SOC capabilities with continuous AD threat detection, and empowers incident response and hunting teams to investigate AD-related threats.

Customers see immediate benefits – Alsid at-a-glance:

• Agentless and non-intrusive
• Seamless, no-nonsense architecture and integration
• Reduction in security risks with proactive real-time AD security
• Provides security assessments of different forests and domains
• Full RBAC model
• Intuitive dashboard-oriented admin console
• On-prem or cloud deployment

“Alsid is the answer to the two questions every CISO should be constantly asking – Are my domains adequately secured? And how can I independently prove it?”

Jamie Rossato – VP Information Technology & Cyber Security

A comprehensive approach

Fix Existing Weaknesses

  • Identify and resolve all existing weaknesses
  • Initiate step-by-step remediation tactics to repair weaknesses and prevent attacks

Uncover New Attack Pathways

  • Continually identify new vulnerabilities and misconfigurations
  • Break attack pathways “on-the-go” and keep your threat exposure low

Ongoing Attack Detection

  • Detect attacks in real time and get alerts with actionable remediation plans
  • Route AD-specific alerts for SIEM and SOC environments

Enhanced Investigation and Threat Hunting

  • Correlate AD changes with attack pathways at object and attribute levels
  • Trigger response playbooks in your SOAR

Providing holistic Active Directory security

Alsid provides security for various Microsoft environments. These include the following:

• Active Directory Domain Services (ADDS)
• Active Directory Certificate Services (ADCS)
• Azure AD Connect
• Azure Sentinel

Alsid for AD provides continuous monitoring at the schema level.

The Alsid platform highlights all objects and attributes with security concerns.

The platform offers security evaluations of different domains and forests.

Built-in trail flow that lists all AD changes in real time.

Track modifications made on specific AD groups.

The platform’s Indicators of Exposure (IoE) address each individual issue within ADDS.

Ability to track all modifications made on GPOs.

As a ‘plug-in’ to ADDS, ADCS is automatically supported as well.

As AD Certificate Services proposes new interfaces to manage certificates within ADDS, the Alsid platform has dedicated IoE to directly support ADCS. (The IoE are characterized by various attributes to manage priorities with ease for your AD security objectives.)

The Alsid platform sanity checks the on-prem AD, and extends to Azure AD to ensure the sync made via Azure AD Connect is not corrupt.

The platform has two IoE that are dedicated to continually checking the configuration of Azure AD Connect. Capabilities include detecting and verifying last password changes, identifying passwords that need changing, and checking the permission levels associated with Azure AD Connect to ensure permissions are identical on Azure AD and on-prem AD.

Built-in advanced queries and workbooks for risk analysis and threat hunting.

Correlation feature to help consolidate different types of events from different systems.

Alsid for AD will format the data in a way that eliminates false positives from the AD security field.

Get immediate AD security overview inside Azure Sentinel with no complex configurations required.

How It Works:
