Active Directory Auditing, Reporting, and Governance Software

STEALTHbits provides end-to-end directory security compliance, governance, and threat detection for Active Directory.

Request a Free Trial

Powered by ChronoForms -

Auditing, Reporting, and Governance

Auditing & Reporting

  • Catalog user, group, and computer object information, including object attributes, permissions, and direct group membership across the entire AD environment
  • Identify and remediate “toxic” group and user conditions
  • Keep track of the members of sensitive Active Directory Security Groups and users with elevated permissions to Active Directory objects
  • Report on account lockout events occurring within the targeted environment
  • Enumerate group memberships to report on all user objects with effective membership through both direct and nested sources
  • Generate dozens of preconfigured reports aligning to multiple compliance standards (SOX, HIPAA, PCI-DSS, GDPR, etc.)
  • Craft custom queries and reports aligning to organization-specific requirements


  • Identify and assign group owners
  • Enable owners to perform periodic group membership reviews
  • Enable self-service group membership requests
  • Allow group owners to perform ad-hoc membership changes

Directory Security Compliance & Vulnerability Assessment

  • Identify who has specific permissions on any or all Active Directory objects
  • Report on advanced security permissions across all Organizational Unit objects in AD, including conditions like Broken Inheritance and Open Access
  • Report on the password status of all users to highlight potential issues and security vulnerabilities
  • Identify critical security misconfigurations that attackers use to compromise credentials


  • Programmatically or automatically clean-up stale AD objects
  • Automatically create and delete users, modify user, group, and computer attributes, enable and disable users, move objects, clear or set SID History, and more
  • Identify users with excessive token sizes due to historical SIDs and effective group memberships
  • Identify incomplete attributes on user objects and auto-populate proper values through correlation with alternative data sources

Change & Access Monitoring

Change & Access Auditing

  • Monitor and optionally block any and all changes to objects and attributes, by whom, from where, along with before and after values
  • Automatically resolve group membership changes of nested groups to parent groups in real-time
  • Monitor and optionally prevent changes to Group Policy Objects
  • Monitor and optionally block all or specific authentication traffic within Active Directory, including who and what, when, from where, and the security protocols being leveraged (e.g. Kerberos vs. NTLM)
  • Highlight the source of user lockout events correlate with recent password change activities to further expedite issue resolution

Privileged Account Monitoring

  • Monitor, block, and alert upon changes and authentication activities made by or to Privileged Accounts

Attack Detection

  • Detect advanced threats, suspicious activities and patterns indicative of account compromise such as NTDS.dit file extraction, Golden Tickets, Lateral Account Movement, Breached Passwords, Concurrent Logins, and more

Security Operations

  • Forward all or specific events directly to SIEM for a more contextual security event feed, consolidated alerting, and correlation with other data sources

Compliance Fulfillment

  • Generate dozens of preconfigured reports aligning to multiple compliance standards (SOX, HIPAA, PCI-DSS, GDPR, etc.)

Threat Detection

Attack Detection

  • Detect suspicious queries against critical AD objects and attributes that often occur early in the attack kill chain

Operational Monitoring

  • Detect expensive and taxing LDAP queries against Active Directory Domain Controllers

Rollback & Recovery

Rollback & Recovery

  • Rollback and recover single or multiple attributes to a previous point in time for one or more objects, including Active Directory integrated DNS
  • Restore deleted Active Directory objects with the attributes they had prior to deletion

Incremental Backup

  • Schedule backups of an Active Directory environment to run hourly, daily, or weekly, as well as on demand

Search & Compare

  • Search for any or all changes to objects and visualize their previous vs. current state


Active Directory Group Governance

Data Sheet

Learn More

Top 7 Security Activities to Monitor in Active Directory

Executive Brief

Learn More

A Look into Active Directory across Organizations

White Paper

Learn More

Free Risk Assessment
Free Trial Request
STEALTHbits Demo Request
Browse Resource Library
Free Risk Analysis STEALTHbits' Credentials and Data Security Assessment is your Business-Justification-in-a-Box!x