Hybrid Identity Protection
Categories
- Active Directory Backup & Recovery (60)
- Active Directory Security (201)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (62)
- Identity Attack Catalog (17)
- Identity Threat Detection & Response (133)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (60)
- Uncategorized (1)
Closing Attack Paths to Tier 0 Assets with Forest Druid
- Ran Harel
After announcing Forest Druid, our free Tier 0 attack path discovery tool, at Black Hat 2022, we’ve used it to help some of the largest organizations in the world close off attack paths to Tier 0 Active Directory assets. Our work with these organizations has validated that defenders can save…
Operational Resilience: More than Disaster Recovery
- Sean Deuby | Principal Technologist
To contend with the explosion of cybercrime and its impact on business operations, many organizations are updating their disaster recovery plans to include cyber incident response. Many of the processes and guidelines in traditional disaster recovery plans have changed little in years, sometimes even in over a decade—making them ill-suited…
Identity Threat Response with Brian Desmond
- Sean Deuby | Principal Technologist
Identity threat response—the initial aspect of ITDR—is gaining importance as cyberattackers continue to find new ways into victims’ environments. I recently spoke with Brian Desmond, Principal at Ravenswood Technology Group, about his experience helping organizations secure identity and protect and recover critical identity assets like Active Directory (AD). “Anything that…
Active Directory Forest Recovery Introduces New OS Provisioning Tool
- Omri Rubinstien
Even after more than 20 years of service, Active Directory (AD) remains one of the most critical components of the typical enterprise’s IT infrastructure. AD security is easy for users to take for granted when it is working. However, in the event of an attack, its criticality to business operations…
The Growing Threat of Ransomware as a Service
- Sean Deuby | Principal Technologist
Ransomware attacks have reportedly declined this year. But don’t start celebrating just yet. “Gang models are evolving,” notes my colleague, Alexandra (Alix) Weaver, Semperis Solutions Architect. “I caution everyone: Do not let your guard down.” Part of the changing trend, Alix says, might be attributed to an increase in the…
Protecting Healthcare Organizations from Ransomware Attacks
- Semperis Team
Active Directory has been a top cybersecurity tool for more than two decades. The problem with protecting AD—used by roughly 90% of the Fortune 1000 companies—from ransomware attacks is simply that it wasn’t designed for today’s security landscape. Many organizations don’t even know the full map of their deployment, making…
Digital Identity Management with Julie Smith
- Sean Deuby | Principal Technologist
“[Identity management] is a complex space that just keeps growing and growing,” notes Julie Smith, Executive Director of the Identity Defined Security Alliance. “Organizations are struggling with figuring out how to deal with it and protect their resources.” Julie joined a recent episode of the Hybrid Identity Protection (HIP) Podcast…
SMTP Matching Abuse in Azure AD
- Sapir Federovsky and Tomer Nahum
In his TROOPERS19 talk (“I’m in your cloud … reading everyone’s email”), Dirk-jan Mollema discussed an issue he discovered that enabled the use of SMTP matching (also called soft matching) to synchronize Active Directory (AD) users to Azure AD, with the goal of hijacking unsynchronized accounts. Jan stated that Microsoft…
