The LT Auditor+ Best Practices Panels
The LT Auditor+ suite provides the intelligence required to audit user and administrative activity in accordance with organizational policies to demonstrate compliance with regulations and guidelines such as FFIEC, GLBA, Sarbanes- Oxley, HIPAA and NIST.
The LT Auditor+ Best Practices Panels are a set of panels that highlight network activity captured with LT Auditor+, encapsulated into intelligent, easy to use portals that assist organizations with improving cybersecurity practices and hygiene.
LT Auditor+ Best Practices Panels consists of the following categories each with panels or tabs containing specific visuals that display and disseminate valuable information required to improve an organization’s security posture.
1. Logon Activity
2. Active Directory Hygiene
3. Active Directory Activity
4. Group Membership
Logon Activity displays data that tracks logon activity in the organization. Details of each of the panels and visuals in this category are described below:
Active Directory Hygiene
Active Directory is the backbone of most organizations worldwide that governs access to resources and assets. Maintaining Active Directory hygiene ensures a reduced attack surface, resulting in significantly lowering the probability of security breaches, data exfiltration and exploitation.
The Active Directory hygiene panels display a set of key metrics that an organization must monitor to keep the system healthy and resilient against cybersecurity attacks.
Active Directory Activity
Monitoring and keeping track of changes in Active Directory are other core elements in reducing the probability of security breaches, data exfiltration and exploitation.
The LT Auditor+ Best Practices Active Directory Activity panel displays key Active Directory changes that have occurred, allowing for quick analysis and investigation. The panel also provide a set of key metrics on Privilege Escalations. Security Administrators must investigate events associated with user privilege escalation to ensure that escalation complies with organizational security policies. Additionally, attackers always look to escalate privileges so as to gain a foothold in the organization. This panel is a vital tool to discover and validate whether such activity is legitimate.
Privileged Groups panel displays information on all privileged group members and status while the Regular Groups panel provides the same on normal groups.