Virtualization Technology News and Information
Article
RSS
Semperis Adds Community Tool for Cyber Defenders to Its Arsenal, Focused on Defining a Privileged Perimeter Around Tier 0 Assets
Semperis announced the availability of Forest Druid, a first-of-its-kind Tier 0 attack path discovery tool for Active Directory environments. Forest Druid takes an inside-out approach to attack path management, which saves time and resources by prioritizing the most sensitive assets first. Forest Druid discovers vulnerable Tier 0 assets-that otherwise go unseen and unprotected-and allows for speedy remediation. Forest Druid is the latest of several free tools released by Semperis, the most popular to date being Purple Knight, a hybrid Active Directory cybersecurity assessment tool used by more than 10,000 enterprises.

"Defenders know you can't protect what you can't see," said Semperis CEO Mickey Bresman. "Semperis' incident response support is in high demand, so we see firsthand the alarming pattern of attacks exploiting unknown and unsecured Tier 0 assets in Active Directory. Forest Druid visualizes Tier 0 assets in Active Directory and shines a spotlight on all the lingering ownership relationships to these entities, helping to dramatically reduce unnecessary privileges, which are responsible for most of the attack paths leading to your most sensitive assets. The Tier 0 discovery capabilities in Forest Druid, combined with Purple Knight's comprehensive assessment of indicators of exposure and compromise, form an extremely powerful resource for defenders."

In a typical organization's Active Directory, there are countless attack paths an adversary can take to arrive at domain dominance. The problem is clear-excessive privileges. However, sifting through every group and user relationship is an impossible task for defenders. Instead of focusing on the most common attack paths, Forest Druid enables organizations to define a privileged perimeter and cut down on risky relationships at the source-the Tier 0 assets and surrounding entities attackers can exploit to gain more permissions.

"Traditional attack path tools, which analyze the most common paths to domain dominance from the outside-in, work well for attackers but aren't as practical for defenders," said Semperis Senior Director of Security Products, Ran Harel. "Forest Druid's ability to defend from the inside-out, starting with defining the privileged perimeter, is optimal for defenders. After all, the most common attack paths aren't always the most dangerous ones. It's all about effectively securing Tier 0 critical assets, and the attack paths are secondary."

Forest Druid is initially being distributed through an approved network of partners, who have all rigorously tested the tool and can help organizations understand the implications of their unique results. Organizations who prefer not to work with a partner can submit an early access request form and the Semperis team will be in touch.

Published Thursday, August 25, 2022 9:40 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<August 2022>
SuMoTuWeThFrSa
31123456
78910111213
14151617181920
21222324252627
28293031123
45678910