Semperis, a company that is well known and respected for its identity-driven cyber resilience solutions, announced today that it added new vulnerability assessment, security reporting, and auto-remediation capabilities in the latest version of their Directory Services Protector (DSP) Active Directory threat detection and response platform.
Ahead of this announcement, Brilliance Security Magazine took the opportunity to talk with Semperis’ Thomas LeDuc, Vice President of Marketing, and Darren Mar-Elia, Vice President of Products, to better understand what these new features in Semperis DSP v3.0 will mean to the security industry.
Thomas told BSM, “With these new capabilities, we’re really excited to provide customers with the most comprehensive directory protection platform there has ever been. We can now probe AD continuously to proactively uncover vulnerabilities and risky configurations before attackers do, and secure AD at scale with autonomous remediation.”
Darren related that “What we have done with DSP 3.0 is put a strong focus on pre-attack visibility and post-attack remediation capabilities.
For pre-attack, we have incorporated a new feature called the Security Dashboard. While it’s a relatively generic-sounding feature, what we’ve done is publish a dynamic list of indicators of exposure into the product.
We have built it in such a way that we can add new indicators without having to release a new version of the product. Essentially the product ships with a set of nearly 20 indicators that look for configurations or changes in AD that could indicate either an exposure, a potential path to exposure, or an exposure in process.”
He added, “We can look at the current state of Active Directory and changes that are happening. We look for patterns that could indicate either a weak configuration that could be exploited or questionable changes that are happening that may represent a security risk. We then alert on those using a red, green, yellow model of severity and criteria for results.”
Today’s release states, “Semperis DSP v3.0 is the first-of-its-kind to address the entire lifecycle of a directory cyberattack – from monitoring pre-attack indicators of compromise to analyzing post-attack forensics, and everything in-between – all integrated into a single console.”
Darren is quoted in the release, “Over twenty years later, Active Directory is still the primary gatekeeper to sensitive credentials and data, which makes it an extremely lucrative target for attackers. Since it wasn’t originally built with security in mind, Active Directory is riddled with inherent soft spots and risky configurations for attackers to take advantage of. The newest developments in DSP empower Semperis customers to be even more proactive about their Active Directory security by adding an extra layer of visibility and control in every stage of the cyber kill chain.”
Business applications on-premises and in the cloud depend on Active Directory, making it a critical piece of an enterprise’s IT infrastructure. However, securing Active Directory is challenging given its constant flux, the sheer number of settings, and increasingly sophisticated threat landscape. With easy access to powerful hacking and discovery tools, attackers are increasingly adept at covering their tracks to silently create backdoors and establish persistent access inside of Active Directory.
“Active Directory is the ‘Achilles’ heel’ for enterprise security programs,” said Christina Richmond, Program VP, Security Services, IDC. “And since Active Directory extends to the cloud and beyond, any tampering of it can compromise the entire identity infrastructure. Basically, if Active Directory isn’t secure, nothing really is. Semperis is offering a timely solution considering that Active Directory has been at the center of many widespread and business-crippling attacks in recent years.”
Government agencies and Global 2000 enterprises already rely on Semperis DSP to defend against cyberattacks that routinely target Active Directory and increasingly circumvent security logging. Semperis DSP provides uninterrupted tracking of Active Directory modifications and immediate rollback of unwanted changes at the object and attribute level, without mounting backups or taking domain controllers offline.
Semperis DSP v3.0 introduces ground-breaking capabilities to scan Active Directory for vulnerabilities, intercept attacks in progress, and immediately close backdoors created by an attacker or rogue administrator, so critical systems stay secure and available. Semperis raised the bar by delivering the industry’s most comprehensive approach to securing Active Directory.
Semperis DSP v3.0 new features include:
- Vulnerability Assessment: Continuously monitors Active Directory for indicators of exposure and prioritizes vulnerabilities by risk-level.
- Security Dashboard: Built-in threat intelligence paired with action-oriented guidance from a community of Active Directory security researchers.
- Auto-Remediation: Instantly rolls back critical security-related or operational changes without requiring administrator intervention.
- Integrated Changes View: Enhanced user interface provides a single, consolidated view for real-time tracking and rollback of Active Directory changes and modifications.
- New Report Authoring Tool: Includes reporting utility for sophisticated LDAP and DSP database queries to create custom security and compliance reports.
- Enhanced Logging: New audit notification events can be natively integrated into your SIEM system to speed up forensic analysis and troubleshooting.
The significant enhancements to Semperis DSP v3.0 come during a time of strong momentum for Semperis. The company recently closed a $40 million growth funding round led by Insight Partners, completed six consecutive profitable quarters, and was named Best Business Continuity/Disaster Recovery Solution by SC Magazine’s 2020 Trust Awards.
Pricing and Availability
Semperis is the pioneer of identity-driven cyber resilience for cross-cloud and hybrid environments. The company provides cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services—the keys to the kingdom. Semperis’ patented technology for Microsoft Active Directory protects over 40 million identities from cyberattacks, data breaches, and operational errors. Semperis is headquartered in New York City and operates internationally, with its research and development team distributed between San Francisco and Tel Aviv.
Steven Bowcut is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Facebook, Instagram, and LinkedIn.