What data can I get?
If you don’t regularly audit who accesses which documents and lists in your on-premises SharePoint and SharePoint Online, someone might read a file that they are not supposed to see and you won’t know about the violation. Netwrix Auditor makes it easy to regularly review data access events so you can reduce the risk of missing improper activity that could lead to a breach
If your organization is subject to any compliance regulations, it's crucial for you to know what kinds of sensitive information you store, and whether it's properly secured. Netwrix Auditor in conjunction with Netwrix Data Classification identifies the types of sensitive data you store in on-premises SharePoint and SharePoint Online, details its location and shows whether this data is overexposed. Plus, you can quickly check who has access to critical files, libraries or sites, and get the full context around activity with them. Regularly review this information to make sure nothing endangers the security of your sensitive data.
How can I use this data?
If an attack is sophisticated, basic alerting is not enough. While many solutions can alert you when a single event occurred or when a specific threshold has been exceeded, some threats involve a chain of suspicious actions stretching across time. Netwrix Auditor provides a single view of all anomalous activity alerts triggered by an individual across your enterprise and the cumulative risk score, so you can spot malicious insiders and compromised accounts — even if the actors tread carefully.
Whenever you need to investigate a security incident, figure out what caused downtime or respond to ad-hoc questions from auditors, Netwrix Auditor’s powerful Interactive Search saves you from having to dig through mountains of cryptic information in native logs. You can quickly find answers to specific questions, such as who removed sensitive files or changed group membership. Plus, you can create custom reports based on your search criteria to easily investigate similar incidents in the future.
Auditors require you to demonstrate that you do everything possible to secure your data. If you rely solely on native SharePoint auditing tools and Office 365 predefined reports, it can be nearly impossible to provide this proof. Netwrix Auditor makes it easy. It includes out-of-the-box compliance reports tailored to the requirements of PCI DSS, HIPAA, GDPR, SOX, GLBA, FISMA/NIST and other regulatory standards, so you can pass audits with far less time, cost and effort.
What else do I get with Netwrix Auditor
To provide a unified audit trail for the broadest range of different data sources, Netwrix Auditor has a RESTful API that allows you to integrate any type of commercial or custom application with the Netwrix Auditor platform. Free, pre-built add-ons are available for most common applications, including SIEM solutions.
Responding manually to common incidents can eat up a lot of time and increases the risk of mistakes. With Netwrix Auditor, you can automate response to incidents by embedding scripts in alerts, which ensures a consistent, timely response without distracting your limited IT resources from their other critical tasks.
Many regulatory compliance standards require retaining the SharePoint audit trail for extended periods. Netwrix Auditor can store your audit trail in a two-tiered (file-based + SQL database) cost-effective storage for more than 10 years, and enables easy access to archived data for historic reviews and inquiries.
You can make sure that only authorized personnel can configure auditing and view audit reports in Netwrix Auditor. Simply granularly assign the appropriate access rights to each IT administration and business team in accordance with the least-privilege principle.
Learn how Netwrix Auditor for SharePoint can help you detect security threats across your on-premises SharePoint and SharePoint Online, and pass audits with less effort.