Semperis announced the availability of
Forest Druid,
a first-of-its-kind Tier 0 attack path discovery tool for Active
Directory environments. Forest Druid takes an inside-out approach to
attack path management, which saves time and resources by prioritizing
the most sensitive assets first. Forest Druid discovers vulnerable Tier 0
assets-that otherwise go unseen and unprotected-and allows for speedy
remediation. Forest Druid is the latest of several free tools released
by Semperis, the most popular to date being
Purple Knight, a hybrid Active Directory cybersecurity assessment tool used by more than 10,000 enterprises.
"Defenders
know you can't protect what you can't see," said Semperis CEO Mickey
Bresman. "Semperis' incident response support is in high demand, so we
see firsthand the alarming pattern of attacks exploiting unknown and
unsecured Tier 0 assets in Active Directory. Forest Druid visualizes
Tier 0 assets in Active Directory and shines a spotlight on all the
lingering ownership relationships to these entities, helping to
dramatically reduce unnecessary privileges, which are responsible for
most of the attack paths leading to your most sensitive assets. The Tier
0 discovery capabilities in Forest Druid, combined with Purple Knight's
comprehensive assessment of indicators of exposure and compromise, form
an extremely powerful resource for defenders."
In
a typical organization's Active Directory, there are countless attack
paths an adversary can take to arrive at domain dominance. The problem
is clear-excessive privileges. However, sifting through every group and
user relationship is an impossible task for defenders. Instead of
focusing on the most common attack paths, Forest Druid enables
organizations to define a privileged perimeter and cut down on risky
relationships at the source-the Tier 0 assets and surrounding entities
attackers can exploit to gain more permissions.
"Traditional
attack path tools, which analyze the most common paths to domain
dominance from the outside-in, work well for attackers but aren't as
practical for defenders," said Semperis Senior Director of Security
Products, Ran Harel. "Forest Druid's ability to defend from the
inside-out, starting with defining the privileged perimeter, is optimal
for defenders. After all, the most common attack paths aren't always the
most dangerous ones. It's all about effectively securing Tier 0
critical assets, and the attack paths are secondary."
Forest
Druid is initially being distributed through an approved network of
partners, who have all rigorously tested the tool and can help
organizations understand the implications of their unique results.
Organizations who prefer not to work with a partner can submit an early access request form and the Semperis team will be in touch.