NEW Semperis Ransomware Study: Global Organizations Should Brace for Holiday Season Cyberattacks
Back to blogs listing

From the Front Lines

Categories

Chat with an expert

Modernize your AD

Request Demo

Download Purple Knight

Free Active Directory Security Assessment

Read more
Digital Identity Management with Julie Smith

Digital Identity Management with Julie Smith

  • Sean Deuby | Principal Technologist

“[Identity management] is a complex space that just keeps growing and growing,” notes Julie Smith, Executive Director of the Identity Defined Security Alliance. “Organizations are struggling with figuring out how to deal with it and protect their resources.” Julie joined a recent episode of the Hybrid Identity Protection (HIP) Podcast…

Protecting Public Safety with Purple Knight

Protecting Public Safety with Purple Knight

  • Semperis Team

“As a public safety entity, we seem to be a target for criminal activity,” said Micah Clark, Information Technology Director at Central Utah 911 and a user of Purple Knight, a free Active Directory security assessment tool from Semperis. “Making sure that our Active Directory is hardwired, that we don’t…

Identity Attack Watch: August 2022

Identity Attack Watch: August 2022

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

SMTP Matching Abuse in Azure AD

SMTP Matching Abuse in Azure AD

  • Sapir Federovsky and Tomer Nahum

In his TROOPERS19 talk (“I’m in your cloud … reading everyone’s email”), Dirk-jan Mollema discussed an issue he discovered that enabled the use of SMTP matching (also called soft matching) to synchronize Active Directory (AD) users to Azure AD, with the goal of hijacking unsynchronized accounts. Jan stated that Microsoft…

Purple Knight Proves Essential for Securing AD at Southern Utah University

Purple Knight Proves Essential for Securing AD at Southern Utah University

  • Semperis Team

Legacy Active Directory (AD) environments are often hotbeds of cybersecurity vulnerabilities because of misconfigurations that have accumulated over time. In education organizations, the challenges of securing AD are compounded by the constant onboarding and offboarding of students and faculty. Uncovering unknown vulnerabilities in the AD environment he inherited was a…

Hybrid Identity Protection with Denis Ontiveros Merlo

Hybrid Identity Protection with Denis Ontiveros Merlo

  • Sean Deuby | Principal Technologist

Security architectures depend on identity—the “new security boundary.” Yet despite investment in identity and attempts to drive a sustainable identity culture, significant security breaches and friction still exist, given competing priorities and views on value. In this session of the HIP Podcast, originally recorded during a Hybrid Identity Protection Conference,…

Identity Attack Watch: July 2022

Identity Attack Watch: July 2022

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

Hybrid Identity Protection with Dr. Nestori Synnimaa

Hybrid Identity Protection with Dr. Nestori Synnimaa

  • Sean Deuby | Principal Technologist

“Every component in your on-prem environment that is part of a hybrid [Active Directory] configuration needs to be treated as a Tier 0 server, so they need to be protected as well as your domain controllers,” explains Dr. Nestori Synnimaa, AADInternals creator and Sr Principal Security Researcher at Secureworks Counter…