Download Forest Druid for Cohesity
Close attack paths leading to Cohesity storage clusters
Note: Versions after 3.0.x are not compatible with data collected before 3.0.x. Data will need to be re-collected and classified.
To run the Forest Druid for Cohesity solution:
- 1. Download Forest Druid from the link above. NOTE: If you are already running the latest version of Forest Druid, proceed to step 2 as there is no need to download and reinstall Forest Druid.
-
File Type
.zip
-
File Size
210MB
-
Release Date
Oct 2024
-
SHA256
3ABEAD3C2622293D8609D5D7891AA547AF39102F80423F03702CE840661ED25D
The Forest Druid attack path management tool allows you to visualize the critical connection between Active Directory and Cohesity storage clusters. This visibility is vital because if an attacker compromises the Active Directory environment, they could potentially compromise key identities in the Cohesity platform as well, gaining the ability to delete backups, alter policies, or disrupt data protection strategies. Forest Druid, which is natively compatible with Active Directory, helps cybersecurity defensive teams quickly prioritize high-risk misconfigurations that could represent opportunities for attackers to gain privileged access to business-critical assets, such as Cohesity storage clusters.
Forest Druid helps organizations 1) identify the groups and accounts with access to Tier 0 assets, 2) define Tier 0 assets otherwise missed by default configurations, 3) scan AD for high-risk violations, and 4) protect Tier 0 assets by applying the analysis results to prioritize remediation and cut down excessive privileges with a focus on Tier 0 assets.The user running Forest Druid must have Read permissions to Active Directory. Although the user is not required to be a Domain Admin, users with Domain Admin privileges will be able to see more information. Forest Druid collects data from all domains in the Active Directory forest where the current domain to which the currently logged-in user belongs.