date 2022-05-27

The telemetry from Active Directory is some of the most critical information your business receives and can also be noisy due to the sheer volume of data generated. When it comes to adding this data to your security operations centre (SOC), Blue Turtle Technologies and its partner Quest believe that to ensure all critical authentication data and security logs reach your SOC in order to be closely monitored, this telemetry needs to be limited and contextualised.

“Telemetry from Active Directory is critical to your business system’s effective operation, but it can be noisy, which makes the solutions from Quest so desirable,” says Avash Maharaj, Head of Infrastructure, Cloud and Security at Blue Turtle. “With Quest working hand in hand with your SOC, it filters and contextualises the mountains of data coming out of Active Directory, providing you with the high-fidelity information you need to feed into the SOC. The result is the optimisation of your SOC resources and better overall security for your Active Directory environment.”

To showcase how their partnership helps customers get a better grip on their Active Directory and the cloud telemetry received through Azure Active Directory, Blue Turtle and Quest will give visitors to the ITWeb Security Summit 2022 direct insight into how to optimise an otherwise log-heavy operation.

Quest is exceptionally effective at ingesting all Active Directory logs from both on-premises and cloud resources and then processing and contextualising which data is the most critical. The key benefits this offers customers from a security perspective are visibility and transparency into their environment, while also seamlessly slotting into an organisation's zero-trust security stance. Another important benefit relates to cost: customers directing this telemetry into a SIEM environment get charged for the data ingested. With Quest categorising this data before it gets consumed, this volume is significantly decreased, while the quality of data increases, resulting in dramatic cost reductions.

“Running security optimisation in an era of accelerated change is difficult, especially with solutions like Active Directory at play, which is the noisiest component on your network bar none. Using Quest, your data becomes quality, and you are no longer just collecting everything and the kitchen sink; it reduces alert fatigue, false positives and time to insight. This makes securing this data much easier by vastly improving your security posture and reducing the load on the SOC,” adds Maharaj.

The Quest solution is an essential piece in the SOC puzzle, which, according to Blue Turtle, needs to be built around the customer's express needs. To this end, the company is today delivering clients a cornucopia of security offerings they can select from that, when combined, will help them build an optimised SOC environment.

“Securing your Active Directory deployments must be a top priority as it plays such a critical role in your IT infrastructure – literally controlling who can get into your network and what they can do once they’re inside. Not doing so increases the risk of users accessing data and applications they shouldn’t be able to and increases your vulnerability to attackers and malware taking over a user or administrator’s account,” says Quest. “No matter how good your prevention efforts are, you will experience cyber security incidents, so you need to be prepared to investigate them quickly and respond appropriately. Working with Blue Turtle, we help customers quickly determine where a breach originated, how it unfolded and exactly what systems and data were involved. So you can hold individuals accountable for their actions and take steps to prevent similar incidents from occurring in the future.”

Blue Turtle will be showcasing its unique relationship with Quest and the company’s AI-driven approach to building an SOC from 31 May to 2 June at the Sandton Convention Centre for the Johannesburg leg of the 17th annual ITWeb Security Summit, as well as on 6 June at the Century City Conference Centre for its Cape Town leg of the event.

