Identify Admin and Service Accounts
Once InsightIDR gains access to LDAP, it takes note of all accounts with a "password does not expire” setting. These are shown here as Non-Expiring Users. As most organizations only use this setting for machine-only service accounts, the activity of these accounts is baselined differently than domain users.
From here, we can drill down into Administrator users and their recent activity.
Filter to Expose Risk
With one click, you can filter by type of account, privileges, and if the account is active. Many organizations identify misconfigurations and risky behavior within hours of deploying InsightIDR.
Integrations with Multiple Data Sources
InsightIDR tracks admin activity across endpoints (e.g. remote user authentications), network (Active Directory, LDAP), and cloud services (Office 365, Salesforce, Box, & more).