Macnica

Evolved targeted attacks, which can be described as exposure-type or destruction-type ransomware and which arrive through device vulnerabilities or through e-mail such as EMOTET, are being carried out frequently, and there have been many reports of damage caused by hijacking of Active Directory. If Active Directory is hijacked, important and confidential information within the company will be stolen and published on the dark web, or the company itself will be forced to stop its activities due to new ransomware and will end up having to pay a ransom. By using this service, it is possible to detect and respond to attacks targeting Active Directory at an early stage.

Service outline diagram

Features of this service

  1. With the diagnostic service, it is possible to configure the various logs necessary for AD monitoring and to detect theft of administrator accounts, suspicious PowerShell execution, group policy tampering, etc.
  2. Threats that SIEM or EDR cannot detect can be detected, because the service combines analysis by agents installed on AD and by analysts with logic specialized for detecting attacks against AD and administrator terminals.
  3. 24/7 monitoring for early attack detection, escalation, and remote remediation if needed

Flow until service introduction

Service overview

| Service item | Service details | Remarks |
| --- | --- | --- |
| Active Directory spot diagnosis service | Analyze and report on threats to Active Directory. | An EVTX file is provided, and we analyze whether logon information with administrator privileges is legitimate. |
| Active Directory monitoring service | Provides continuous analysis of threats to Active Directory and regular reports. | Continuously monitor and regularly report threats to AD. In the event of suspicious access or execution of PowerShell, we promptly escalate and respond remotely. |

In addition to this service, our company offers a wide range of one-stop services, from assessment and consulting on the customer's security system, to comprehensive monitoring of various devices including EDR, servers, and network equipment, to response support in the event of a serious incident. Please refer to each service page for details.

Inquiry/Document request

Contact: Macnica Security Service Co., Ltd.

Mon-Fri 8:45-17:30