Semperis’ Forest Druid ushers in the next generation of attack path management
Semperis’ Forest Druid ushers in the next generation of attack path management—and it’s not about attack paths
Semperis, a pioneer of identity-driven cyber resilience for enterprises, today announced the availability of Forest Druid, a first-of-its-kind Tier 0 attack path discovery tool for Active Directory environments. Forest Druid takes an inside-out approach to attack path management, which saves time and resources by prioritising the most sensitive assets first. Forest Druid discovers vulnerable Tier 0 assets—that otherwise go unseen and unprotected—and allows for speedy remediation. Forest Druid is the latest of several free tools released by Semperis, the most popular to date being Purple Knight, a hybrid Active Directory cybersecurity assessment tool used by more than 10,000 enterprises.
“Defenders know you can’t protect what you can’t see,” said Semperis CEO, Mickey Bresman. “Semperis’ incident response support is in high demand, so we see first-hand the alarming pattern of attacks exploiting unknown and unsecured Tier 0 assets in Active Directory. Forest Druid visualises Tier 0 assets in AD and shines a spotlight on all the lingering ownership relationships to these entities, helping to dramatically reduce unnecessary privileges, which are responsible for most of the attack paths leading to your most sensitive assets. The Tier 0 discovery capabilities in Forest Druid combined with Purple Knight’s comprehensive assessment of indicators of exposure and compromise, form an extremely powerful resource for defenders.”
In a typical organisation’s Active Directory, there are countless attack paths an adversary can take to arrive at domain dominance. The problem is clear—excessive privileges. However, sifting through every group and user relationship is an impossible task for defenders. Instead of focusing on the most common attack paths, Forest Druid enables organisations to define a privileged perimeter to cut down on risky relationships at the source—the Tier 0 assets and surrounding entities attackers can exploit to gain more permissions.
“Traditional attack path tools, which analyse the most common paths to domain dominance from the outside in, work well for attackers but aren’t as practical for defenders,” said Semperis Principal Security Product Manager, Ran Harel. “Forest Druid’s ability to defend from the inside out, starting with defining the privileged perimeter, is optimal for defenders. After all, the most common attack paths aren’t always the most dangerous ones. It’s all about effectively securing Tier 0 critical assets, and the attack paths are secondary.”
Forest Druid is initially being distributed through an approved network of partners, who have all rigorously tested the tool and can help organisations understand the implications of their unique results. Organisations who prefer not to work with a partner can submit an early access request form and the Semperis team will be in touch.
For more information about Forest Druid’s Tier 0 attack path discovery capabilities, check out the resources below.
If you have any questions, feel free to reach out to pk-community@semperis.com.
About Semperis
For security teams charged with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing hybrid Active Directory environments, Semperis’ patented technology protects over 50 million identities from cyberattacks, data breaches, and operational errors. The world’s leading organizations trust Semperis to spot directory vulnerabilities, intercept cyberattacks in progress, and quickly recover from ransomware and other data integrity emergencies. Semperis is headquartered in Hoboken, New Jersey, and operates internationally, with its research and development team distributed throughout the United States, Canada, and Israel.
Semperis hosts the award-winning Hybrid Identity Protection conference and podcast series (www.hipconf.com) and built the free hybrid Active Directory security assessment tool, Purple Knight (www.purple-knight.com). The company has received the highest level of industry accolades, recently named to Inc. Magazine’s list of best workplaces for 2022 and ranked the fastest-growing cybersecurity company in America by the Financial Times. Semperis is a Microsoft Enterprise Cloud Alliance and Co-Sell partner.
Twitter https://twitter.com/SemperisTech
LinkedIn https://www.linkedin.com/company/semperis
Facebook https://www.facebook.com/SemperisTech
YouTube https://www.youtube.com/channel/UCycrWXhxOTaUQ0sidlyN9SA
Cybersecurity refers to the practice of protecting systems, networks, and programs from digital attacks. It involves implementing measures to safeguard sensitive information from unauthorized access and damage.
Tier 0 assets are critical components within an organization's IT infrastructure, such as domain controllers and administrative accounts, that require heightened security due to their sensitivity and importance.
Attack path management is the process of identifying and analyzing potential paths that cyber attackers might take to exploit vulnerabilities in a system, allowing organizations to strengthen their defenses.
Incident response is a structured approach to managing and addressing security breaches or cyberattacks. It involves preparation, detection, analysis, containment, eradication, and recovery.
Remediation in cybersecurity refers to the steps taken to fix vulnerabilities or security breaches in a system. This may include applying patches, changing configurations, or implementing new security measures.
Explore more articles in the Top Stories category
