Enhanced solution integration identifies and closes dangerous attack paths to business-critical data, advancing the shared mission to provide comprehensive cyber resilience.
HOBOKEN, N.J. — May 6, 2024 — Semperis, a pioneer in identity-driven cyber resilience, today announced an enhanced solution integration with Veritas Technologies, a leader in secure multi-cloud data management, to stop bad actors from accessing sensitive corporate data at scale with time-saving attack-path analysis, reducing the risk of successful ransomware extortion through data exfiltration, encryption, or both. The enhancement builds on the Semperis Active Directory Forest Recovery (ADFR) and Veritas NetBackup collaboration announced in 2023.
The enhanced solution integration takes an innovative approach to attack-path discovery, monitoring, and management by prioritizing risky access to the organization’s most sensitive assets—including corporate data stores—reducing the time to cut excessive privileges that can lead to data exfiltration and encryption by malicious actors. Combined with the Semperis and Veritas comprehensive cyber-first AD backup and recovery solution, joint customers can now further benefit from unmatched identity system protection and resilience.
“During a ransomware attack, if the bad actor encrypts the backup and recovery system, the victim organization is much more likely to pay the ransom, as the company finds itself in a position of very limited options,” said Semperis CEO Mickey Bresman. “By helping our joint customers identify and close off attack paths leading to the organizational backup and recovery system, we can prevent data exfiltration and preserve the recovery option, removing one of the primary negotiating tactics threat actors have.”
Through this deepened integration, Semperis and Veritas tackle the urgent need to identify and address accounts that have risky access to sensitive corporate data storage environments. This reduces the attack surface and limits malicious actors’ leverage. Additionally, real-time monitoring to detect unauthorized changes enables organizations to catch and contain attacks as early as possible.
Matt Waxman, SVP, GM, Data Protection, Veritas, said: “The fight against cybercrime, like ransomware attacks, isn’t a solo sport. It requires a concerted team effort across technology partners. Our approach to data security, Veritas 360 Defense, is designed with that in mind, enabling the integration of best-in-breed cyber resilience capabilities from organizations, such as Semperis, with our own. The extended integration between our two companies equips customers with more tools for hardening their environments and preventing mission-critical data from being compromised.”
The enhanced solution integration uses an API to mine Veritas’ data pool for information about the devices and applications that Veritas protects across an organization’s environment. It then provides a map showing which identities have direct or indirect access to privileged accounts that could be used to gain control of a storage device or an entire network. Cyber defenders can use the solution, which is based on Semperis’ community attack path discovery tool Forest Druid, to define secure zones for privileged accounts, eliminate excessive privileges, and continuously monitor and roll back risky configurations that undermine overall security posture. The solution, which includes capabilities currently available in Semperis’ comprehensive identity threat detection and response (ITDR) platform Directory Services Protector (DSP), sends alerts and auto-remediates unauthorized changes when a malicious actor tries to join a privileged group with access to Veritas devices.
“When they first deploy Semperis’ continuous identity threat detection and response solutions, many of our customers are astounded at the number and severity of previously unknown security vulnerabilities in their identity environments, particularly accounts that can open doors to highly privileged assets,” said Darren Mar-Elia, Semperis VP of Products. “Threat actors can exploit those vulnerabilities to move laterally throughout the identity system, escalating privileges until they’re capable of a device or network takeover. At that point, the organization’s critical data—including customer data—is at stake, and the attackers have the upper hand.”
The enhanced solution integration will be available to current joint customers. Veritas customers who are not yet Semperis customers will have access to the attack path management tool powered by Forest Druid and can add alerting and rollback by deploying Semperis DSP. (For more information about the solution, download the solution brief.)
About Semperis
For security teams charged with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing hybrid identity environments—including Active Directory, Entra ID, and Okta—Semperis’ patented technology protects over 100 million identities from cyberattacks, data breaches, and operational errors. The world’s leading organizations trust Semperis to spot directory vulnerabilities, intercept cyberattacks in progress, and quickly recover from ransomware and other data integrity emergencies. Semperis is headquartered in Hoboken, New Jersey, and operates internationally, with its research and development team distributed throughout the United States, Canada, and Israel.
Semperis hosts the award-winning Hybrid Identity Protection conference and podcast series (www.hipconf.com) and built the community hybrid Active Directory cyber defender tools, Purple Knight (www.semperis.com/purple-knight) and Forest Druid. The company has received the highest level of industry accolades, recently named to Inc. Magazine’s list of best workplaces for 2023 and ranked the fastest-growing cybersecurity company in America by the Financial Times. Semperis is a Microsoft Enterprise Cloud Alliance and Co-Sell partner and is a member of the Microsoft Intelligent Security Association (MISA).
Learn more: https://www.semperis.com
Follow us: Blog / LinkedIn / X / Facebook / YouTube
Media Contact:
Bill Keeler
Senior Director, PR & Comms
Semperis
billk@semperis.com