Active Directory Security
Categories
- Active Directory Backup & Recovery (61)
- Active Directory Security (207)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (64)
- Identity Attack Catalog (24)
- Identity Threat Detection & Response (139)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (66)
- Uncategorized (1)
Organizations Prioritize ITDR Solutions That Protect Active Directory Before, During, and After a Cyberattack
- Itay Nachum
The word is out that identity systems—and Active Directory in particular—are prime targets for cyberattacks. As a company that pioneered solutions purpose-built for protecting and recovering Active Directory from cyberattacks, we were happy to see multiple research firms recently confirm the criticality of AD-specific cybersecurity solutions. Gartner not only named…
Protecting Public Safety with Purple Knight
- Semperis Team
“As a public safety entity, we seem to be a target for criminal activity,” said Micah Clark, Information Technology Director at Central Utah 911 and a user of Purple Knight, a free Active Directory security assessment tool from Semperis. “Making sure that our Active Directory is hardwired, that we don’t…
Identity Attack Watch: August 2022
- Semperis Research Team
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
SMTP Matching Abuse in Azure AD
- Sapir Federovsky and Tomer Nahum
In his TROOPERS19 talk (“I’m in your cloud … reading everyone’s email”), Dirk-jan Mollema discussed an issue he discovered that enabled the use of SMTP matching (also called soft matching) to synchronize Active Directory (AD) users to Azure AD, with the goal of hijacking unsynchronized accounts. Jan stated that Microsoft…
SIEM and SOAR—and Identity Security
- Sean Deuby | Principal Technologist
Organizations are looking for cutting-edge technologies to facilitate increasing business demands. But as your organization grows, so does its attack surface. Understanding potential vulnerabilities—especially those related to Tier 0 identity assets like Active Directory—is important. To help spot such risks, many organizations turn to security information and event management (SIEM)…
Power up Entra ID Security Assessments
- Semperis Team
Want to use the free Purple Knight tool to evaluate your Entra ID security posture? To run Purple Knight in your Entra ID environment, you need to create and update the app registration in Entra ID with a defined and consented set of application permissions for the Microsoft Graph. Semperis…
Purple Knight Proves Essential for Securing AD at Southern Utah University
- Semperis Team
Legacy Active Directory (AD) environments are often hotbeds of cybersecurity vulnerabilities because of misconfigurations that have accumulated over time. In education organizations, the challenges of securing AD are compounded by the constant onboarding and offboarding of students and faculty. Uncovering unknown vulnerabilities in the AD environment he inherited was a…
Securing Hybrid Identity
- Guido Grillenmeier
Identity is the new security perimeter. Any breach in this perimeter can enable malicious users to gain access to your apps, your data, and your business operations. For organizations that rely on Azure Active Directory or a hybrid environment of Azure AD and on-prem Active Directory to provide identity services,…
