On Demand Audit
Streamline security, compliance & change auditing for hybrid
Microsoft environments. As you move more workloads to the Microsoft cloud, your reliance on Azure AD will increase, and so will the risk and complexity in securing your hybrid environment. Unfortunately, the Office 365 and Azure AD security logs do not provide consolidated views of on-premises and cloud activity, and system-provided tools do not make it easy to identify exploits, vulnerabilities, and suspicious activity. Quest® On Demand Audit tracks all configuration, user and administrator changes made across AD, Azure AD, file servers, network-attached storage, Exchange Online, SharePoint Online, OneDrive for Business and Teams. On Demand Audit proactively highlights security vulnerabilities and anomalous activity, and accelerates incident investigations through responsive search and contextual, interactive data visualizations.
On Demand Audit is an Azure-hosted SaaS solution that provides visibility and insight into all configuration, user and administrator changes made across AD, Azure AD, file servers, network-attached storage, Exchange Online, SharePoint Online, OneDrive for Business and Teams. On Demand Audit combines on-premises threat prevention provided by Change Auditor with dynamic vulnerability assessment, automatic anomaly detection and contextual visualizations to mitigate costly attacks and speed security investigations.
What you get
Security vulnerability dashboard
Analyze event data from on-prem and Office 365 workloads for a single view of security vulnerabilities and anomalous activity across your hybrid environment. Be alerted to indicators of compromise (IOCs), including Kerberos exploits, offline extraction of the AD database, unauthorized domain replication, changes to sensitive groups and roles, as well as unusual spikes in sign-in failures, account lockouts and activity by external guest users. Accelerate investigations through contextual visualizations to detect and stop breaches before they wreak havoc in your network.
That’s not all!
Interactive data visualizations
Transform millions of on-premises and Office 365 audit events into interactive visual dashboards that help you simplify compliance reporting and investigate incidents faster.
Threat prevention
Integrate with Change Auditor to block attackers from lateral movement by stopping them from making changes to on-premises groups and GPOs or exfiltrating your AD database to steal credentials – regardless of the privileges they’ve hijacked.
360° security protection
From upfront vulnerability assessment to intrusion detection and monitoring of compromised accounts, Change Auditor has you covered at every step.
Normalized audit view
Unlike Office 365 auditing using Microsoft-provided tools, On Demand Audit translates raw audit logs into a meaningful, normalized format. On Demand highlights the most important event details, including before and after values, so you can make quick decisions where your security is concerned.
Long-term storage
On Demand Audit stores audit history for up to 10 years at a fixed subscription price. This enables you to keep the audit data you need to satisfy security and compliance policies, without increasing your own Azure storage costs.
Granular, delegated access
In just a few clicks with On Demand Audit, you can give your security and compliance teams, help desk staff, IT managers and even external auditors and partners exactly the reports they need and nothing more. On Demand Audit provides granular, delegated access to safely empower users to get the insights they need without making any configuration changes and or setting up additional infrastructure.
On-prem, cloud or hybrid? Quest has you covered!
For truly comprehensive Office 365 auditing, upgrade to the On Demand Audit Hybrid Suite for Office 365, which includes On Demand Audit, Change Auditor for Active Directory and Change Auditor for Logon Activity. On Demand Audit consolidates and correlates Change Auditor’s in-depth, high-fidelity on-prem audit data together with cloud activity from Azure AD and Office 365 workloads to get a single, hosted view of all changes across your hybrid environment.
Screenshot Tour
Security vulnerability dashboard
Analyze event data from on-prem and Office 365 workloads for a single view of security vulnerabilities and anomalous activity across your hybrid environment.
Why Quest On Demand?
Fast, easy setup
Onboard with ease. Start auditing in minutes. No installation, no upgrades, no complex configuration — no sweat!
Secure and reliable SaaS
Quest On Demand delivers the security standards, service level and scalability that you need, backed by award-winning, global support ready to help you 24/7/365.
Rapid innovation
We keep pace with Microsoft updates so you don’t have to. Automatic updates deliver new features and security patches quickly and without any effort on your part.
ISO certifications
Quest On Demand is included in the scope of the Platform Management ISO/IEC 27001, 27017 and 27018 certification.
Specifications
Available in the following Microsoft Azure regions:
- Australia
- Canada
- North Europe
- United Kingdom
- United States
The following web browsers are supported with On Demand:
- Internet Explorer 11
- Microsoft Edge
- Google Chrome (latest version)
- Mozilla Firefox (latest version)
On Demand Audit supports integration with Change Auditor version 7.0.3 or later.
Industry recognition
Singapore Business Review
Cyber Security Global Excellence Awards
On Demand Subscription Plans
T1
T3
T5
Nova
Reporting
Delegation & Policy Control
On Demand Audit
Office 365 and Azure AD auditing
On-prem AD and Logon Activity auditing
3 years audit retention
Anomaly detection
On Demand License Management
Office 365 license reports
On Demand Recovery
Azure AD and Office 365 users and groups
T1
T3
T5
On Demand Migration
Azure, Email, OneDrive
Azure, Email, OneDrive, SharePoint, Teams and O365 Groups
Active Directory
Nova
Reporting
Delegation & Policy Control
On Demand Audit
Office 365 and Azure AD auditing
On-prem AD and Logon Activity auditing
3 years audit retention
Anomaly detection
On Demand License Management
Office 365 license reports
On Demand Recovery
Azure AD and Office 365 users and groups
Resources
On Demand Audit Hybrid Suite for Office 365
Search and investigate changes made on prem or in the cloud from a single, hosted dashboard.
Top 10 Security Events to Monitor in Azure Active Directory and Office 365
Discover how native auditing tools can help with cloud security — and how to overcome their shortcomings.
Five Ways to Improve Auditing of Your Hybrid Active Directory
Discover just five of the ways On Demand Audit Hybrid Suite for Office 365 helps you secure your hybrid AD environment.
5 Ways to Improve Hybrid Active Directory Auditing
Watch this on-demand webcast and explore five (and maybe more) ways to improve Hybrid AD and Azure AD auditing using the latest...
Overcoming Office 365 Security & Compliance Auditing Challenges
Commercial use of Office 365 has skyrocketed in recent years — but most organizations admit they still lack the mature au...
Extra Vigilance: Top 3 Ways to Adapt Your Security Log Monitoring for the Surge in Working from ...
With the rapid increase of employees working from home, you will need to throw out your old baseline of normal audit activity &...
Detecting Insider Threats in Office 365 and Hybrid AD
Office 365, AD and Azure AD security are critical for your business continuity, especially when it comes to mitigating insider ...
Active Directory Security Assessment
Identify, quantify and prioritize attack paths so you can secure Active Directory from every angle.
Videos
On Demand Audit product overview
See an overview for On Demand Audit from Quest.
How to search and alert on suspicious logon activity in AD and Office 365
Discover how to search and alert on suspicious logon activity in your AD, Office and hybrid environment with the On Demand Aud...
Office 365 security auditing with On Demand Audit
Learn about Office 365 security auditing with On Demand Audit from Quest.
Azure AD auditing with On Demand Audit
Learn about Azure AD auditing with On Demand Audit from Quest.
Real-time email alerts with On Demand Audit
Learn about real-time email alerts with On Demand Audit from Quest.
Hybrid AD auditing with Change Auditor and On Demand Audit
Learn about hybrid AD auditing with Change Auditor and On Demand Audit from Quest.
How to integrate Change Auditor with On Demand Audit
Learn how to integrate Change Auditor with On Demand Audit from Quest.
Detecting the use of Golden Tickets with Change Auditor for Logon Activity
Detect and alert on common Kerberos authentication vulnerabilities used during Golden Ticket / Pass-the-ticket attacks.
Blogs
The top activities to track when auditing Active Directory
Learn why auditing Active Directory is vital to security and business continuity, and what types of activity to track.
Ian Lindsay
Understanding the cyber kill chain and how it impacts Microsoft 365
The cyber kill chain is a cybersecurity model that details the stages of a cyberattack. Learn all about it and how it impacts Microsoft 365 environme...
Bryan Patton
The anatomy of Active Directory attacks
Learn the most common Active Directory attacks, how they unfold and what steps organizations can take to mitigate their risk.
Jason Morano
How Active Directory configurations can reduce the likelihood of intrusions
Learn real-world insights into how Active Directory configurations can help to harden your cybersecurity defenses and reduce unwanted intrusions.
Bryan Patton
The many colors of AD security – Microsoft Red Forest, orange forest, greenfield or blue?
Discover the different models of Active Directory (AD) security, including the Red Forest and Orange Forest models, Greenfield migrations and Blue Te...
Bryan Patton
CISA Office 365 Alert and 10 Security Actions to Take Now by Sean Metcalf (from our latest TEC Talk)
This blog post will outline the CISA alert, prior CISA advice for securing Office 365 and point you to a TEC Talk by Microsoft Certified Master Sean ...
Jennifer LuPiba
Get started now
Streamline security and compliance auditing of your hybrid Microsoft environment