Identity Threat Detection & Response
Categories
- Active Directory Backup & Recovery (59)
- Active Directory Security (189)
- AD Security 101 (17)
- Community Tools (17)
- Directory Modernization (9)
- From the Front Lines (67)
- Hybrid Identity Protection (60)
- Identity Attack Catalog (12)
- Identity Threat Detection & Response (125)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (14)
- Threat Research (48)
- Uncategorized (1)
The Importance of Tiered Delegation and ACL Management
- Daniel Petri | Senior Training Manager
- Jun 27, 2024
Active Directory (AD) plays a critical role as the primary identity provider for numerous organizations throughout the world, forming the backbone of access control and authentication systems. However, its central role and widespread use makes AD a prime target for attackers seeking to escalate privileges and gain unauthorized access within…
DORA Compliance and ITDR
- Daniel Lattimer | Area Vice President - EMEA West
- Jun 19, 2024
Organisations in the financial services sector have less than a year to demonstrate DORA compliance. What is DORA, does it apply to your organisation, and how does DORA compliance intersect with one of today’s major cybersecurity concerns: identity threat detection and response (ITDR)? Semperis experts answer these questions for you.…
New Forrester TEI Report: Semperis Slashes Downtime by 90%, Saving Customers Millions
- Sean Deuby | Principal Technologist
- May 20, 2024
How long could your organization go without access to applications and services because of an identity-related cyberattack? That’s the question we often ask security and IT ops leaders when we’re discussing the importance of protecting Active Directory and Entra ID from threat actors. The question seems hypothetical because it assumes…
How to Defend Against SID History Injection
- Daniel Petri | Senior Training Manager
- May 03, 2024
Security Identifier (SID) History injection is a sophisticated cyberattack vector that targets Windows Active Directory environments. This attack exploits the SID History attribute, which is intended to maintain user access rights during migrations from one domain to another. By injecting malicious SID values into this attribute, an attacker can escalate…
Semperis DSP: Enhance AD and Entra ID Protection from Cyber Threats
- Eitan Bloch | Semperis Product Manager
- Apr 19, 2024
The SolarWinds breach in December 2020 signified a shift in the attack path for threat actors. Cyber threats increasingly target organizations' cloud environments, typically Microsoft Entra ID (formerly Azure AD), then move to on-premises Active Directory (AD)—or vice versa. This begs the question: How secure is your hybrid identity environment…
LDAP Injection Attack Defense: AD Security 101
- Daniel Petri | Senior Training Manager
- Mar 06, 2024
LDAP injection represents a formidable cyberattack vector, targeting the authentication and authorization mechanisms within your Active Directory environment. By exploiting improper input validation, attackers can manipulate LDAP statements and potentially gain unauthorized access to your directory service. Semperis cybersecurity and identity security experts have a deep understanding of LDAP injection,…
Understanding the Risks of Pre-Windows 2000 Compatible Access Settings
- Guido Grillenmeier
- Feb 14, 2024
[Updated February 14, 2024; originally published November 29, 2021] The number and scope of confusing and risky security settings in Active Directory are becoming better known with every new cyberattack. Many of these vulnerabilities can be attributed to risky configurations that have accumulated in legacy environments over time. But IT…
NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 3)
- Daniel Petri | Senior Training Manager
Welcome to the final installment of this series discussing CISA and NSA top ten cybersecurity misconfigurations in the context of hybrid Active Directory environments. Active Directory is the identity system for most organizations: a critical part of your infrastructure, and a prime target for cyberattackers. This week, I’ll discuss the…
