Identity Threat Detection & Response

What Is EntraGoat? A Deliberately Vulnerable Entra ID Simulation Environment

  • Jonathan Elkabas and Tomer Nahum

What’s the best way to build cyber resilience? Practice! Meet EntraGoat, your safe space for hands-on, CTF-style learning. Track attack paths, hunt down identity misconfigurations, and expose access control flaws—while building resilience against real-world threats.

Improve Hybrid AD Security with Automated Response and Streamlined Administration

  • Eran Gewurtz | Director of Product Management

Service accounts are easy to misconfigure, hard to keep track of, and often forgotten, making them ideal entry points for cyber attackers. Learn how DSP expands your ability to discover, monitor, govern, and protect service accounts.

How to Block BadSuccessor: The Good, Bad, and Ugly of dMSA Migration

  • Jorge de Almeida Pinto

The BadSuccessor privilege escalation technique presents a severe risk to Active Directory environments that use delegated Managed Service Accounts. Learn how blocking dMSA migration prevents attackers from misusing a dMSA to take over an AD domain.

Understanding Identity Security Posture: See the Big Picture of Your Hybrid Environment

  • Sean Deuby | Principal Technologist, Americas

Pursuing cybersecurity maturity requires more than flipping a switch. To maintain a strong identity security posture, start by taking a broader look at the complex factors affecting your identity ecosystem.

nOAuth Abuse Alert: Full Account Takeover of Entra Cross-Tenant SaaS Applications

  • Eric Woodruff | Chief Identity Architect

Key findings: In testing 104 applications, Semperis found 9 (or roughly 9%) that were vulnerable to nOAuth abuse. Because the abuse has already been disclosed, performing nOAuth is low complexity. nOAuth abuse exploits cross-tenant vulnerabilities and can lead to SaaS application data exfiltration, persistence, and lateral movement.…

How to Defend Against Password Guessing Attacks

  • Daniel Petri | Senior Training Manager

Here’s what you need to know about password guessing and how to protect Active Directory—and your organization.

BadSuccessor: How to Detect and Mitigate dMSA Privilege Escalation

  • Semperis Team

The BadSuccessor Active Directory attack technique exploits a dangerous Windows Server 2025 vulnerability. Learn how DSP indicators of exposure and compromise enable you to proactively halt malicious activity.

What is Identity Attack Surface Management?

  • Daniel Petri | Senior Training Manager

A specialized identity attack surface management (IASM) practice is not optional. It’s a fundamental necessity for organizations that rely on identity services like Active Directory.