Categories

Active Directory Backup & Recovery

A Swift Ransomware Response is the Path to Business Resiliency

  • Mickey Bresman
  • Dec 22, 2023

Cyberattacks on business systems—including hybrid identity systems—continue to make headlines, including recent breaches targeting healthcare company Henry Schein and hospitality conglomerate MGM Resorts. Apart from these well-publicized attacks, the Semperis…

How Can K-12 Schools Defend Against Ransomware?

  • Jared Vichengrad
  • Feb 02, 2023

The cybersecurity challenges in the government and education space are nothing new. Such challenges soared with COVID and continue today. Unfortunately, the cyber defense of mission-critical government and education services…

5 Essential ITDR Steps CISOs Must Know

  • Semperis Team
  • Jan 26, 2023

Just as the impact of cyberattacks is not confined to the IT department, the role of the CISO has expanded beyond the security team. With organizations and analysts now acknowledging…

Active Directory Security

Understanding the Risks of Pre-Windows 2000 Compatible Access Settings

  • Guido Grillenmeier
  • Feb 14, 2024

[Updated February 14, 2024; originally published November 29, 2021] The number and scope of confusing and risky security settings in Active Directory are becoming better known with every new cyberattack….

How to Defend Against an Overpass the Hash Attack

  • Daniel Petri
  • Feb 09, 2024

In the constantly evolving landscape of cyber threats, the Overpass the Hash attack is a potent vector. Leveraging the NTLM authentication protocol, this attack enables adversaries to bypass the need…

Top Active Directory Hardening Strategies

  • Sean Deuby
  • Feb 07, 2024

The most recent Microsoft Digital Defense Report notes that nearly half of all Microsoft Incident Response engagements encountered insecure Active Directory configurations. Mandiant has previously reported that 9 of 10…

AD Security 101

Pass the Hash Attack Defense: AD Security 101

  • Daniel Petri
  • Jan 18, 2024

Many Active Directory attacks begin with a stolen password. However, a Pass the Hash attack takes a different approach. In this example of credential theft, threat actors instead steal a…

How to Defend Against a Pass the Ticket Attack: AD Security 101

  • Daniel Petri
  • Jan 11, 2024

Any organization that relies on Kerberos authentication—the primary authentication method in Active Directory environments—is potentially vulnerable to a Pass the Ticket attack. Organizations that do not regularly patch their systems,…

How to Defend Against Golden Ticket Attacks: AD Security 101

  • Daniel Petri
  • Jan 04, 2024

Golden Ticket attacks are particularly cunning. Like Kerberoasting, Golden Ticket attacks exploit the Kerberos authentication system and are one of the most severe threats to Active Directory environments. Here’s more…

Community Tools

Purple Knight Scoring Improves Understanding of Identity System Security Vulnerabilities

  • Ran Harel
  • Dec 13, 2023

Our latest Purple Knight (PK) v4.2 release introduces fundamental changes, particularly concerning the new scoring calculation. Changing from a broader approach that considered all indicators, we’ve now zeroed in on…

Semperis Offers New Protection Against Okta Breaches

  • Semperis Research Team
  • Aug 30, 2023

In an ever-evolving digital landscape, organizations rely on robust identity protection solutions to safeguard sensitive data and maintain secure operations. For most enterprise businesses, that means protecting Active Directory and…

AD Monitoring: AD Security 101

  • Daniel Petri
  • Mar 09, 2023

An unmanaged Active Directory (AD) can have a profound impact on your operations, leading to downtime and increasing your vulnerability to network security threats. AD monitoring can provide insights you…

Directory Modernization

Security-Centric Active Directory Migration and Consolidation

  • Michael Masciulli
  • Oct 17, 2023

Enterprise organizations with legacy Active Directory (AD) environments have a security problem. Their AD infrastructure has likely degraded over time and now harbors multiple security vulnerabilities because of inefficient architecture,…

Active Directory Migration: 15 Steps to Success

  • Daniel Petri
  • Apr 18, 2023

Active Directory (AD) migration projects can be challenging and complex. Such projects involve the migration of users, groups, computers, and applications from one AD domain or forest to another. Careful…

Why AD Modernization Is Critical to Your Cybersecurity Program

  • Mickey Bresman
  • Apr 03, 2023

Active Directory (AD) is the core identity store for many organizations. As such, AD has also become a major target for bad actors. If attackers gain access to AD, they…

From the Front Lines

Identity Attack Watch: AD Security News, January 2024

  • Semperis Research Team
  • Jan 31, 2024

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending…

Preparing for the Future of Identity Management

  • Sean Deuby
  • Aug 10, 2023

Investment in identity security and identity protection has reached an all-time high. This year, the value of the global identity and access management (IAM) market is projected to reach $20.75…

Identity Attack Watch: AD Security News, April 2023

  • Semperis Research Team
  • Apr 28, 2023

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending…

Hybrid Identity Protection

How to Defend Against an Overpass the Hash Attack

  • Daniel Petri
  • Feb 09, 2024

In the constantly evolving landscape of cyber threats, the Overpass the Hash attack is a potent vector. Leveraging the NTLM authentication protocol, this attack enables adversaries to bypass the need…

MFA for Active Directory: An Overview

  • Sean Deuby
  • Feb 02, 2024

Modern information security is built on a layered defense. Each layer supports the others and presents additional obstacles to threat actors. From patch management to perimeter firewalls, each layer makes…

NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 3)

  • Daniel Petri
  • Jan 23, 2024

Welcome to the final installment of this series discussing CISA and NSA top ten cybersecurity misconfigurations in the context of hybrid Active Directory environments. Active Directory is the identity system…

Identity Attack Catalog

How to Defend Against an Overpass the Hash Attack

  • Daniel Petri
  • Feb 09, 2024

In the constantly evolving landscape of cyber threats, the Overpass the Hash attack is a potent vector. Leveraging the NTLM authentication protocol, this attack enables adversaries to bypass the need…

How to Defend Against an NTLM Relay Attack

  • Daniel Petri
  • Jan 26, 2024

The NTLM relay attack poses a significant threat to organizations that use Active Directory. This attack exploits the NT LAN Manager (NTLM) authentication protocol, a challenge-response mechanism used in Windows…

Pass the Hash Attack Defense: AD Security 101

  • Daniel Petri
  • Jan 18, 2024

Many Active Directory attacks begin with a stolen password. However, a Pass the Hash attack takes a different approach. In this example of credential theft, threat actors instead steal a…

Identity Threat Detection & Response

Understanding the Risks of Pre-Windows 2000 Compatible Access Settings

  • Guido Grillenmeier
  • Feb 14, 2024

[Updated February 14, 2024; originally published November 29, 2021] The number and scope of confusing and risky security settings in Active Directory are becoming better known with every new cyberattack….

NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 3)

  • Daniel Petri
  • Jan 23, 2024

Welcome to the final installment of this series discussing CISA and NSA top ten cybersecurity misconfigurations in the context of hybrid Active Directory environments. Active Directory is the identity system…

Pass the Hash Attack Defense: AD Security 101

  • Daniel Petri
  • Jan 18, 2024

Many Active Directory attacks begin with a stolen password. However, a Pass the Hash attack takes a different approach. In this example of credential theft, threat actors instead steal a…

Our Mission: Be a Force for Good

Duns 100 Ranks Semperis in Top 15 to Work For

  • Yarden Gur
  • Nov 28, 2022

This month marked two milestones for Semperis. First, Deloitte recognized the company as one of the 100 fastest growing technology companies in North America and (for the third consecutive year)…

What It Means to be a Mission-Driven Company

  • Mickey Bresman
  • May 18, 2022

On behalf of the entire team, I’m excited to share that Semperis has been named to Inc.’s 2022 list of Best Workplaces. This annual list honors workplaces that are ranked…

Hybrid Identity Protection: IDPro Founder Ian Glazer

  • Sean Deuby
  • May 11, 2022

You won’t want to miss the newest episode of the Hybrid Identity Podcast (HIP)! In this session, I have the pleasure of talking with IDPro founder and Salesforce Senior VP…

Purple Knight

Purple Knight Scoring Improves Understanding of Identity System Security Vulnerabilities

  • Ran Harel
  • Dec 13, 2023

Our latest Purple Knight (PK) v4.2 release introduces fundamental changes, particularly concerning the new scoring calculation. Changing from a broader approach that considered all indicators, we’ve now zeroed in on…

Semperis Offers New Protection Against Okta Breaches

  • Semperis Research Team
  • Aug 30, 2023

In an ever-evolving digital landscape, organizations rely on robust identity protection solutions to safeguard sensitive data and maintain secure operations. For most enterprise businesses, that means protecting Active Directory and…

How to Prevent a Man-in-the-Middle Attack: AD Security 101

  • Daniel Petri
  • Jul 13, 2023

Man-in-the-middle attacks, also known as MitM attacks, are a form of eavesdropping. These attacks can pose a serious threat to organizations’ network security, particularly in environments that use Microsoft Active…

The CISO’s Perspective

Top 3 Identity-Based Attack Trends to Watch in 2024

  • Semperis
  • Jan 02, 2024

Each year, the total number of cyberattacks and cost of ransomware-related damage increases globally. Microsoft recently reported that attempted password attacks have soared “from around 3 billion per month to…

5 Essential ITDR Steps CISOs Must Know

  • Semperis Team
  • Jan 26, 2023

Just as the impact of cyberattacks is not confined to the IT department, the role of the CISO has expanded beyond the security team. With organizations and analysts now acknowledging…

How to Build a Strong ITDR Strategy

  • Sean Deuby
  • Jan 17, 2023

How do you begin to build a strong Identity Threat Detection and Response (ITDR) strategy? It begins with an understanding of your unique identity environment, says Maarten Goet, Director for…

Threat Research

How to Defend Against a Pass the Ticket Attack: AD Security 101

  • Daniel Petri
  • Jan 11, 2024

Any organization that relies on Kerberos authentication—the primary authentication method in Active Directory environments—is potentially vulnerable to a Pass the Ticket attack. Organizations that do not regularly patch their systems,…

Using Purple Knight to Detect the Okta Super Admin Attack

  • Yossi Rachman
  • Sep 07, 2023

The recent increase in sophisticated cyberattacks highlights the vulnerabilities inherent in online platforms and identity management systems. To address the increased risk, Semperis recently expanded Purple Knight, its open-source, community-based…

Semperis Offers New Protection Against Okta Breaches

  • Semperis Research Team
  • Aug 30, 2023

In an ever-evolving digital landscape, organizations rely on robust identity protection solutions to safeguard sensitive data and maintain secure operations. For most enterprise businesses, that means protecting Active Directory and…

Uncategorized

AD Security 101: Lock Down Risky User Rights

  • Daniel Petri
  • Jun 16, 2023

In Active Directory (AD) environments, you can use Group Policy Objects (GPOs) to configure user rights. By using GPOs, you can easily enforce consistent user rights policies across all computers…

AD security resources

Stay informed. Get the latest news and resources on identity threat detection and response (ITDR), hybrid Active Directory (AD) security, and cyber resilience, brought to you by Semperis experts.