New capability extends multi-directory support for Forest Druid to help cybersecurity defenders rapidly close risky attack paths to Tier 0 assets across hybrid identity environments

HOBOKEN, NJ—Semperis, a pioneer of identity-driven cyber resilience for enterprises, today announced the expansion of Forest Druid, its community-driven attack path management tool, to include support for Microsoft Entra ID (formerly Azure AD), saving time for cybersecurity teams in identifying and closing risky attack paths across hybrid identity systems.

Closely following the recent announcement of support for Okta in Purple Knight, the popular vulnerability assessment tool downloaded by 20,000-plus organizations, the addition of Entra ID support in Forest Druid underscores the company’s mission to help organizations address emerging threats against on-premises Active Directory (AD) and cloud identity systems.

“Since its introduction in fall 2022, Forest Druid has helped thousands of cybersecurity defenders cut the time it takes to identify attack paths and remove excessive privileges in Active Directory,” said Darren Mar-Elia, Semperis VP of Products. “By expanding Forest Druid to encompass Entra ID, security teams can now uncover risky access to Tier 0 assets across hybrid identity environments, which have become a favorite target for cyberattackers. These recent enhancements in both Forest Druid and Purple Knight address concerns we’ve heard from our customer community about emerging attacks that target Entra and Okta, in addition to legacy AD environments.”

Unlike conventional AD attack path management tools that require defenders to scrutinize countless possible attack paths, Forest Druid accelerates attack path analysis by focusing on Tier 0 assets—accounts, groups, and other assets that have direct or indirect administrative control of an AD or Entra ID environment. With access to Tier 0 assets, attackers can seize control of the entire network.

“Cyber defenders too often are racing against time to close security gaps before adversaries exploit them,” said Ran Harel, Semperis Associate Vice President of Security Products. “As more organizations are embracing cloud identity systems such as Entra ID and Okta—often using them in conjunction with on-prem AD—the attack surface expands, giving malicious actors more opportunities to breach the environment and deploy malware. Forest Druid helps defenders visually map risky access to privileged accounts. By identifying the true Tier 0 perimeter and prioritizing sensitive accounts for remediation, cybersecurity teams save valuable time and resources in safeguarding the identity system.”

Forest Druid enhancements include new settings to control data collection from on-prem and cloud identity systems and new controls to improve the defense perimeter relationship graph, a map of objects with privileged relationships to Tier 0 assets.

For more information about Forest Druid’s Tier 0 attack path discovery capabilities, check out the resources below.

About Semperis

For security teams charged with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing hybrid Active Directory environments, Semperis’ patented technology protects over 50 million identities from cyberattacks, data breaches, and operational errors. The world’s leading organizations trust Semperis to spot directory vulnerabilities, intercept cyberattacks in progress, and quickly recover from ransomware and other data integrity emergencies. Semperis is headquartered in Hoboken, New Jersey, and operates internationally, with its research and development team distributed throughout the United States, Canada, and Israel.

Semperis hosts the award-winning Hybrid Identity Protection conference and podcast series ( and built the community hybrid Active Directory cyber defender tools, Purple Knight ( and Forest Druid. The company has received the highest level of industry accolades, recently named to Inc. Magazine’s list of best workplaces for 2023 and ranked the fastest-growing cybersecurity company in America by the Financial Times. Semperis is a Microsoft Enterprise Cloud Alliance and Co-Sell partner and is a member of the Microsoft Intelligent Security Association (MISA).


Media Contact

Bill Keeler

Semperis Senior Director of PR & Communications