Semperis Acquires MightyID — Read the full blog here.
Back to blogs listing

Identity Threat Detection & Response

Categories

Featured Articles

Semperis Acquires MightyID: Expands True Cyber Resilience Across Multi-IdP Environments
  • Alex Weinert | Chief Product Officer
  • Feb 04, 2026

Chat with an expert

Modernize your AD

Request Demo

Download Purple Knight

Free Active Directory Security Assessment

Read more
Ransomware Defense in 2026: What CISOs Need to Know

Ransomware Defense in 2026: What CISOs Need to Know

  • Sean Deuby | Principal Technologist, Americas
  • Dec 23, 2025

The fastest way to turn a cyber incident into a business outage is through identity system compromise. Ransomware continues to exploit that fact—and the consequences are real. Here are practical, board-ready steps CISOs can take to boost resilience when those attacks happen.

EntraGoat Scenario 3: Exploiting Group Ownership in Entra ID

EntraGoat Scenario 3: Exploiting Group Ownership in Entra ID

  • Jonathan Elkabas and Tomer Nahum

Dive into EntraGoat Scenario 3, where you’ll discover how individually legitimate Entra ID features, when combined with misconfigured group ownership, can cascade into a privilege escalation chain that elevates a low-level account into a tenant-wide threat.

Exploiting Ghost SPNs and Kerberos Reflection for SMB Server Privilege Elevation

Exploiting Ghost SPNs and Kerberos Reflection for SMB Server Privilege Elevation

  • Andrea Pierini

When misconfigured Service Principal Names (SPNs) and default permissions align, attackers can exploit Kerberos reflection to gain SYSTEM-level access remotely. Even with Microsoft’s security update, Ghost SPNs can still haunt you. Learn why.

Unlocking Unmatched Identity Resilience: The Semperis-Cohesity Partnership

Unlocking Unmatched Identity Resilience: The Semperis-Cohesity Partnership

  • Chris Salzgeber | Former Product Manager, Integrations

The Semperis-Cohesity partnership is the convergence of two industry leaders, each with singular expertise. With Cohesity Identity Resilience, organizations can be confident that their critical identity systems are secure and recoverable.

EntraGoat Scenario 6: Exploiting Certificate-Based Authentication to Impersonate Global Admin in Entra ID

EntraGoat Scenario 6: Exploiting Certificate-Based Authentication to Impersonate Global Admin in Entra ID

  • Jonathan Elkabas and Tomer Nahum

Editor’s note This scenario is part of a series of examples demonstrating the use of EntraGoat, our Entra ID simulation environment. You can read an overview of EntraGoat and its value here. Certificate Bypass Authority–Root Access Granted EntraGoat Scenario 6 details a privilege escalation technique in Microsoft Entra ID where…

EntraGoat Scenario 2: Exploiting App-Only Graph Permissions in Entra ID

EntraGoat Scenario 2: Exploiting App-Only Graph Permissions in Entra ID

  • Jonathan Elkabas and Tomer Nahum

In our second EntraGoat attack scenario, follow the steps from a carelessly leaked certificate to capture the Global Admin password—and full Entra ID compromise.

EntraGoat Scenario 1: Service Principal Ownership Abuse in Entra ID

EntraGoat Scenario 1: Service Principal Ownership Abuse in Entra ID

  • Jonathan Elkabas and Tomer Nahum

How can a compromised low-privileged user account exploit service principal ownership—and complete an Entra ID tenant takeover? Find out when you dive into EntraGoat Scenario 1.

Getting Started with EntraGoat: Breaking Entra ID the Smart Way

Getting Started with EntraGoat: Breaking Entra ID the Smart Way

  • Jonathan Elkabas and Tomer Nahum

Ready to jump in and get your hooves dirty in EntraGoat? Start here. These quick-start steps will get you into your first attack scenario.