Chat now with support

Get Live Help
Complete Registration

Sign In

Request Pricing

Contact Sales

Quest has tools and processes in place to identify, protect, detect, and remediate vulnerabilities and incidents when they occur, including external security partners. As part of our standard security operations, Quest does not use CrowdStrike in any of our operations. We are reviewing our third parties, and so far, there is minimal affect. It is Quest's policy not to provide further technical details unless they directly impact customer data.

Change Auditor 7.4 - Whats New

Table of Contents

What's New in Change Auditor 7.4

Support for modern authentication PowerShell enhancements Performance improvements Integration with Quest Security Guardian Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.3

SQL Extended Events auditing (Preview) Active Directory Database auditing enhancements Active Directory Database protection enhancements Event forwarding to Microsoft Sentinel Security improvements Logon Activity auditing enhancements PowerShell improvements Subscription failover support Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.2

Cyber security enhancements Certificate authentication for Office 365 Active Directory Federation Services auditing enhancements Foreign forest support Additional events Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.1.1

Additional Office 365 Exchange Online mailbox events Enhanced security auditing Search enhancements SIEM tool integration improvements Ability to audit and protect the Active Directory Database Ability to audit Active Directory Federation Services Foreign forest support Authentication enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.1

Azure Active Directory and Office 365 updates Active Directory updates Foreign forest support On Demand Audit integration updates Authentication and Logon activity updates Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.4

Foreign forest support Additional internal events Azure Active Directory and Office 365 updates Threat Detection enhancements SIEM subscription updates and enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.3

Change Auditor and On Demand Audit integration Azure Active Directory and Office 365 enhancements Threat Detection enhancements Additional internal events Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.2

Threat Detection updates and enhancements SIEM subscription updates and enhancements Additional PowerShell commands Ability to search based on authentication type and port Enhanced security between Change Auditor components (FIPS compliance) Azure Active Directory and Office 365 enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.1

GDPR built-in reports SIEM tool integration improvements Azure Active Directory auditing improvements Active Directory auditing improvements Improved tracking of changes to searches Additional platform support Email alert improvements Office 365 Exchange Online search improvements Miscellaneous enhancements and updates

What's New in Change Auditor 7.0

Updated license format Ability to forward event to third party tools Enhanced data security between the SQL Server and the coordinator Ability to manage Active Directory protection with PowerShell commands Ability to identify Read-Only Domain Controllers Search enhancements New built-in searches Additional platform support Miscellaneous enhancements and updates

What's New in Change Auditor 7.0.2

What’s New in Change Auditor 7.0.2

As a result of ongoing research and development, and in response to customer feedback, the following enhancements have been made in this release of Quest Change Auditor.

•

Threat Detection updates and enhancements

•

SIEM subscription updates and enhancements

•

Additional PowerShell commands

•

Ability to search based on authentication type and port

•

Enhanced security between Change Auditor components (FIPS compliance)

•

Azure Active Directory and Office 365 enhancements

•

Additional platform support

•

Miscellaneous features and enhancements

Threat Detection updates and enhancements

The following updates are included for your Threat Detection deployment:

•

Access to an update script and configuration commands to easily upgrade the Threat Detection server.

•

Support for deploying the Threat Detection server on Hyper-V.

•

Ability to enable single sign-on access for the Threat Detection dashboard.

•

Ability to specify a root password during the Threat Detection server deployment.

•

Ability to review the Threat Detection configuration status in the Change Auditor client (configuration page).

•

New events listed under the “Threat Detection - Risky User" facility and the "Threat Detection - Alert" facility:

•

Risky user identified

•

Risky user severity increased

•

Risky user severity decreased

•

Threat Detection alert added

•

Threat Detection alert marked as "actual risk"

•

Threat Detection alert marked as "not a risk"

•

Additional events details including:

•

Alert name, score, severity, and the number of alerts.

•

When the Threat Detection server started processing the alert.

•

Name of indicators associated with the alert.

•

User risk score and severity.

•

The number of points the alert adds to the user risk score (contribution to user score ).

•

Old and new severity values.

•

Tags that identify whether the user is an administrator or a watched user.

•

Comments that identify when an alert is set to 'not a risk’ or 'actual risk’.

•

A link to the Threat Detection dashboard from the event details pane to quickly gain more information on the potential threat.

•

Additional built-in searches:

•

All Threat Detection events in the last 7 days.

•

All Threat Detection risky user events in the last 7 days.

•

All Threat Detection alert events in the last 7 days.

•

All Threat Detection risky user and alert events in the last 24 hours.

SIEM subscription updates and enhancements

The following features have been added to improve your SIEM tool integrations:

•

Ability to modify the subsystems included in a SIEM subscription.

•

Ability to encrypt QRadar subscriptions with TLS/SSL.

•

Ability to include and display the raw JSON event details provided by Microsoft for Office 365 and Azure Active Directory events.

•

Ability to forward events to Quest IT Security Search (Preview mode).

Additional PowerShell commands

The following commands are available to help you manage your Change Auditor deployment:

Table 1. PowerShell commands

Assign, remove, and get an auditing template for a Change Auditor configuration.

•

Add-CATemplateToConfiguration

•

Remove-CATemplateFromConfiguration

•

Get-CAConfigurationTemplates

Assign an auditing configuration to a Change Auditor agent.

•

Set-CAAgentConfiguration

•

Invoke-CASearch

Manage Windows file system auditing.

•

New-CAWindowsFSAuditObject

•

New-CAWindowsFSAuditTemplate

•

Remove-CAWindowsFSAuditTemplate

•

Set-CAWindowsFSAuditTemplate,

•

Get-CAWindowsFSAuditTemplates

•

Get-CAWindowsFSEventClassInfo

Create and manage a Quest IT Security Search event subscription.

These commands are in preview mode for this release.

•

New-CAITSSEventSubscription

•

Get-CAITSSEventSubscriptions

•

Set-CAITSSEventSubscription

•

Remove-CAITSSEventSubscription

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center