Semperis
announced the preview release of Directory Services Protector 3.6, which
simplifies managing identity security in hybrid environments that use
both on-premises Active Directory and Azure Active Directory. DSP's new
capabilities for detecting and remediating security risks in hybrid
identity environments address the challenge organizations face in
combatting the rise in attacks that enter organizations through
on-premises AD, then move to the cloud-or vice versa-as in the
SolarWinds attack.
"We
see a lot of different challenges with protecting hybrid identity
environments, starting with the basic fact that from a technical
perspective Active Directory and Azure Active Directory-outside of the
name-have very few things in common," said Semperis CEO Mickey Bresman.
"Azure AD provides a different stack of protocols, requiring a very
different management approach-including protecting the identity system
from cyberattacks. With a hybrid scenario, the potential attack surface
expands for an adversary. It's a relatively common scenario to see
attacks start on-prem and move to the cloud, or move from cloud to
on-prem."
In
hybrid AD environments, DSP displays a single view of security
indicators in both AD and Azure AD-empowering IT teams to correlate
changes that cross between on-premises and cloud environments and could
signal an in-progress attack. In a recent 451 Research report, analyst
Garrett Bekker pointed out the challenges of securing hybrid identity
systems.
"The
vital nature of directories has been further magnified by the ongoing
migration of resources to the cloud, since each 'cloud'-whether IaaS
platform or SaaS app-typically has its own identity repository that
applications need to work with," said Bekker. "Maintaining directories
in a secure state has therefore become a considerable challenge, in part
because most directories are constantly in flux as new users are added
or change jobs, and new applications are installed." To request access
to the report, visit https://www.semperis.com/resources/451-research-semperis-helps-fend-off-the-growing-threat-of-active-directory-attacks.
Semperis DSP simplifies protecting hybrid AD environments by:
- Offering a single view of pre-attack and post-attack indicators in both Active Directory and Azure Active Directory
- Providing
the ability to track near real-time changes in Azure Active Directory
and conduct hybrid searches across both on-premises Active Directory and
Azure AD
- Illustrating actions that begin on premises and extend to Azure AD
- Generating a risk profile mapped to the MITRE ATT&CK and other security frameworks
- Continuously assessing and improving hybrid AD security posture to defend against attacks
In
conjunction with the Directory Services Protector 3.6 release, Semperis
is publishing a new whitepaper that addresses the serious challenges in
securing a hybrid Active Directory environment, "Securing Hybrid Active
Directory Environments: A Practical Guide to Closing Security Gaps in
Active Directory and Azure Active Directory" (available at https://www.semperis.com/resources/securing-hybrid-active-directory-environments).
Written by Doug Davis, Semperis Senior Product Manager, this resource
helps organizations defend the expanded attack surface that comes with a
hybrid identity environment.
In
addition to providing end-to-end threat protection for hybrid AD
environments, Directory Services Protector offers frequent security
indicators on a continuous release cycle to address threats uncovered by
the Semperis research team or in response to threats that surface
externally. Recent releases resulting from the Semperis research team's
proprietary work include indicators for the Windows Print Spooler
critical vulnerability (PrintNightmare) and PetitPotam, which can allow an attacker to gain full Domain Admin permissions in an organization.
Directory
Services Protector 3.6, now in preview for Semperis customers, is
targeted for general availability in November 2021. For more
information, visit www.semperis.com/ds-protector.