Case Study: Edison reduces Active Directory risk and boosts cyber resilience with Quest's attack-path management and auditing solutions

Energy company improves Active Directory security and cyber resilience

Edison S.p.A., a leading Italian energy company founded in 1884, identified its Active Directory (AD) as a vital service whose complexity had grown over decades and exposed the business to serious risk. Existing Microsoft, open‑source and custom tools failed to give the deep, dynamic visibility needed to map Tier Zero assets and attack paths—leaving Edison aware of thousands of issues but unsure how to prioritize fixes or guarantee AD availability and overall cyber resilience.

Working with Microsys, Edison deployed SpecterOps BloodHound Enterprise alongside Quest Change Auditor and On Demand Audit to gain attack‑path management, continuous monitoring and hybrid auditing across on‑premises and Microsoft 365 environments. The solution set visualized choke points, prioritized remediation, delivered real‑time alerts and IOC detection (e.g., DC replication and Golden Ticket indicators), improved third‑party accountability and sped investigations—strengthening AD security, reducing exposure, and advancing Edison’s ongoing AD resilience program.

Edison

Giampaolo Tacchini

Chief Information Security Officer