Directory Modernization

Top 15 Steps to a Successful AD Migration

Top 15 Steps to a Successful AD Migration

  • Daniel Petri
  • Apr 18, 2023

Active Directory (AD) migration projects can be challenging and complex. Such projects involve the migration of users, groups, computers, and applications from one AD domain or forest to another. Careful planning and execution can help your migration team complete a successful AD migration, with minimal disruption to end users and…

Why AD Modernization Is Critical to Your Cybersecurity Program

Why AD Modernization Is Critical to Your Cybersecurity Program

  • Mickey Bresman
  • Apr 03, 2023

Active Directory (AD) is the core identity store for many organizations. As such, AD has also become a major target for bad actors. If attackers gain access to AD, they gain access to any resources in the organization. In a hybrid on-prem/cloud scenario, which is common today, that includes access…

Preventing a SYSVOL Horror Story

Preventing a SYSVOL Horror Story

  • Tammy Mindel
  • Oct 20, 2022

October is Cybersecurity Awareness Month, and an excellent time to bust the ghosts of configurations past. One of the actions that the Cybersecurity & Infrastructure Security Agency (CISA) and National Cybersecurity Alliance (NCA) recommend taking is “Update your software.” A perfect place to start: Rid your domains of the outdated…

How Cybersecurity Is Evolving from EDR to XDR to ITDR

How Cybersecurity Is Evolving from EDR to XDR to ITDR

  • Sean Deuby
  • Jul 14, 2022

As businesses embrace hybrid work and digitization, endpoint, and identity are moving perpetually closer. Both professions are evolving, and to make the most of this evolution, people on both sides will need to cross the aisle. In a recent episode of the Hybrid Identity Protection podcast, I discuss this evolution…

Achieving Operational Resilience with Simon Hodgkinson

Achieving Operational Resilience with Simon Hodgkinson

  • Sean Deuby
  • Jun 15, 2022

Does your cybersecurity plan take your organization's goals for operational resilience into account? In a recent episode of the Hybrid Identity Podcast (HIP), I spoke with Semperis strategic advisor, former bp CISO, and HIP London panel speaker Simon Hodgkinson. Simon is an expert in operational resilience and how it relates…

Revisiting the Colonial Pipeline Cyberattack, One Year Later

Revisiting the Colonial Pipeline Cyberattack, One Year Later

  • Semperis Team
  • May 06, 2022

The Colonial Pipeline cyberattack in May 2021 ranks as one of the top critical infrastructure attacks to date. At the time, Semperis Director of Services Sean Deuby predicted that the ransomware-as-a-service (RaaS) attack was an “implication of what is to come … open season on infrastructure providers.” One year later,…

Securing Active Directory Is First Step in Aligning with New UK Financial Conduct Authority Guidelines

Securing Active Directory Is First Step in Aligning with New UK Financial Conduct Authority Guidelines

  • Dan Bowdrey
  • Mar 21, 2022

In 2019, the Financial Conduct Authority (FCA) proposed changes to how institutions within the UK financial sector ensure operational resilience, particularly against the threat of cyberattacks. The FCA will start enforcing the guidance on March 31, 2022. All organizations regulated by the FCA will face audits to prove their compliance…

NotPetya Flashback: The Latest Supply-Chain Attack Puts Active Directory at Risk of Compromise

NotPetya Flashback: The Latest Supply-Chain Attack Puts Active Directory at Risk of Compromise

  • Chris Roberts
  • Dec 15, 2020

Last week, news broke that a sophisticated adversary penetrated FireEye's network and stole the company's Red Team assessment tools. The attack is reportedly linked to a larger supply-chain assault that struck government, consulting, technology, and telecom organizations throughout North America, Europe, Asia, and the Middle East.   To get an idea of what this stolen toolset…