ADEMA
Real-time protection for your most critical Active Directory groups.
Alerts security teams in real time when high-risk AD modifications occur, improving monitoring, audit evidence, and incident triage.
Overview
Unauthorized or accidental changes to privileged Active Directory groups can expose your organization to severe security risks. ADEMA ensures that these critical groups — such as Domain Admins, DnsAdmins, or groups linked to sensitive business applications — are continuously monitored and protected.
By providing real-time visibility into AD and Azure AD group changes, ADEMA detects and alerts you to suspicious modifications before they escalate into security incidents. Whether caused by users, automation errors, or malicious activity, ADEMA ensures every abnormal change is captured, analyzed, and reported to the right teams.
Easy to deploy as an add-on for OpenText / NetIQ Identity Manager, ADEMA works independently of your provisioning driver and starts monitoring immediately after setup. It operates silently, sending alerts whenever monitored groups are altered or if the monitoring service itself is disabled.
Features
ADEMA continuously monitors defined AD and AAD groups for key events such as new members, nested group additions, or organizational-unit changes. It cross-checks detected changes with legitimate IAM records and automatically sends alerts to IAM and security teams when anomalies occur. Configurable setup options let you tailor what to watch and how to be notified.
Benefits
Strengthens security around privileged AD groups
Detects unauthorized or abnormal group changes instantly
Alerts security and IAM teams in real time
Reduces risk of privilege escalation and lateral attacks
Ensures compliance and audit readiness through continuous monitoring
Easy deployment and seamless integration with existing IDM environments