Quest^® Security Guardian

Updated December 16, 2025

 

These release notes provide information about Quest® Security Guardian deployments.

Quest^® Security Guardian is an integrated On Demand solution that helps you keep the Active Directory domains and Entra ID tenants in your organization secure.

You can:

• Identify Tier Zero objects in Active Directory.

• Identify Privileged objects in Entra ID.

• Certify that objects are indeed Tier Zero or Privileged and, when Quest Change Auditor version 7.4 is integrated, protect Active Directory Tier Zero objects against unauthorized or accidental modification or deletion.

• Run pre-defined Security Assessments to identify vulnerabilities in Active Directory and Entra ID and create your own Assessments.

• Investigate Findings for Tier Zero and Privileged objects, vulnerabilities identified through Assessments, and Critical Activity from Audit.

• Have Findings forwarded to a SIEM tool and alerts sent to selected email recipients.

• Lock down critical Active Directory objects, preventing unauthorized or accidental changes using Sheilds Up. This feature enforces a highly restrictive, pre-configured lockdown on Tier Zero objects—such as users, groups, computers, and policies. While intended for temporary emergency use, Shields Up can also be deployed continuously as a proactive security measure.

• Audit and monitor critical activities and real-time alerts on important changes across Microsoft 365 services, including Exchange Online, SharePoint Online, Teams, OneDrive for Business, and Microsoft Entra.

• Integrate with Quest Change Auditor to search and correlate identities across both on premises and in the cloud to give a seamless view of activity in hybrid Microsoft environments. Specifically auditing enables:

  • Fast and flexible searches for easy investigation and accurate results across tenants and on premises environments
  • Interactive visualizations and dashboards to summarize audit activity
  •   Easy to use customizable alerts based on audit event searches
  • Long term storage of audit events outside of Microsoft 365 and Change Auditor for a retention period of up to 10 years 

• Review service principals and their associated security posture within your Entra ID environment to identify risky permissions, assess sign-in status, and monitor compliance with security .

• Monitor and analyze activity across both your on-premises and cloud-based Microsoft environments from a single, unified interface using Hybrid Audit.

• Use Security Guardian Intelligence AI assistance to:

  • Help you ask focused questions tailored to your environment.

  • Gain valuable insights into the security posture of your organization’s Active Directory and Entra ID systems.

  • View critical vulnerabilities and issues identified during assessments and offers practical recommendations for remediation.