Active Directory Security

What our customers say

Protecting Healthcare Organizations from Ransomware Attacks

  • Semperis Team

Active Directory has been a top cybersecurity tool for more than two decades. The problem with protecting AD—used by roughly 90% of the Fortune 1000 companies—from ransomware attacks is simply that it wasn’t designed for today’s security landscape. Many organizations don’t even know the full map of their deployment, making…

Purple Knight and PingCastle: A Quick Comparison

Purple Knight and PingCastle: A Quick Comparison

  • Semperis Team

When it comes to protecting your enterprise from cyberattacks, protecting your identity infrastructure is key. Infiltrations of identity systems not only expose your most important assets and business operations to attack but can go undetected for long periods, causing significant damage. So, strengthening your identity security stance is an important…

Organizations Prioritize ITDR Solutions That Protect Active Directory Before, During, and After a Cyberattack

Organizations Prioritize ITDR Solutions That Protect Active Directory Before, During, and After a Cyberattack

  • Itay Nachum

The word is out that identity systems—and Active Directory in particular—are prime targets for cyberattacks. As a company that pioneered solutions purpose-built for protecting and recovering Active Directory from cyberattacks, we were happy to see multiple research firms recently confirm the criticality of AD-specific cybersecurity solutions. Gartner not only named…

Protecting Public Safety with Purple Knight

Protecting Public Safety with Purple Knight

  • Semperis Team

“As a public safety entity, we seem to be a target for criminal activity,” said Micah Clark, Information Technology Director at Central Utah 911 and a user of Purple Knight, a free Active Directory security assessment tool from Semperis. “Making sure that our Active Directory is hardwired, that we don’t…

Identity Attack Watch: August 2022

Identity Attack Watch: August 2022

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

SMTP Matching Abuse in Azure AD

SMTP Matching Abuse in Azure AD

  • Sapir Federovsky and Tomer Nahum

In his TROOPERS19 talk (“I’m in your cloud … reading everyone’s email”), Dirk-jan Mollema discussed an issue he discovered that enabled the use of SMTP matching (also called soft matching) to synchronize Active Directory (AD) users to Azure AD, with the goal of hijacking unsynchronized accounts. Jan stated that Microsoft…

SIEM and SOAR—and Identity Security

SIEM and SOAR—and Identity Security

  • Sean Deuby | Principal Technologist

Organizations are looking for cutting-edge technologies to facilitate increasing business demands. But as your organization grows, so does its attack surface. Understanding potential vulnerabilities—especially those related to Tier 0 identity assets like Active Directory—is important. To help spot such risks, many organizations turn to security information and event management (SIEM)…

Power up Entra ID Security Assessments

Power up Entra ID Security Assessments

  • Semperis Team

Want to use the free Purple Knight tool to evaluate your Entra ID security posture? To run Purple Knight in your Entra ID environment, you need to create and update the app registration in Entra ID with a defined and consented set of application permissions for the Microsoft Graph. Semperis…