Ensuring Identity Cyber Resilience at American Airlines

Recognizing the critical importance of operational resilience, the IT team at American Airlines sought a solution to protect their Active Directory (AD) environment and ensure uninterrupted business performance in case of an attack that targeted the identity system.

“Resilience is very high on our agenda,” said Jonathan Elledge, Senior IAM Engineer at American Airlines. “We have to monitor our applications and services, automate recovery wherever possible, and catch problems before clients or end users even notice.”

Traditional backup solutions had pitfalls—particularly if the backup services themselves were affected—so Elledge said the team turned to Semperis Active Directory Forest Recovery (ADFR) to close those gaps.

With ADFR, I can just hit a button and it goes. If I were using standard Windows backup and restore, there would be so much to do manually. ADFR makes recovery easy and reliable.
Jonathan Elledge, Senior Engineer, Identity & Access Management, American Airlines

He also noted a major improvement in security monitoring with Semperis Directory Services Protector (DSP).

“Instead of running manual scans or relying on separate tools, I set up all my exposure indicators in DSP,” Elledge said. “But even more important are the notification rules. If someone gains access to a sensitive group, I get paged immediately—even in the middle of the night. DSP will roll that person right back out before they can do harm.”

This proactive approach allows Elledge and the SOC team to respond within minutes, often before attackers can entrench themselves.

“It’s all about speed,” he said. “If you don’t catch an incident early, you risk persistent threats lurking for months—by then, it’s too late. With Semperis, we can catch and contain issues fast, which is now a business requirement for us.”

Ensuring business resilience with comprehensive identity protection

American Airlines uses Directory Services Protector and Active Directory Forest Recovery to:

Receive real-time alerts on unwanted changes to Active Directory or Entra ID
Ensure the ability to meet AD recovery time objectives (RTOs)
Accelerate response to incidents

New Forrester TEI Report: Semperis Slashes Downtime by 90%, Saving Customers Millions

Semperis Extends ML-Based Attack Detection with Specialized Identity Risk Focus

Semperis Wins CRN’s Prestigious Partner Program Guide Three Consecutive Years

Semperis Study on Cyberattacks Against Water and Electricity Utilities Underscore the Vulnerability of Critical Infrastructure

Semperis Named to Inc. Magazine’s Annual List of Best Workplaces for Fourth Consecutive Year

Ensuring Identity Cyber Resilience at American Airlines

Ensuring business resilience with comprehensive identity protection

New Forrester TEI Report: Semperis Slashes Downtime by 90%, Saving Customers Millions

Semperis Extends ML-Based Attack Detection with Specialized Identity Risk Focus

Semperis Wins CRN’s Prestigious Partner Program Guide Three Consecutive Years

Semperis Study on Cyberattacks Against Water and Electricity Utilities Underscore the Vulnerability of Critical Infrastructure

Semperis Named to Inc. Magazine’s Annual List of Best Workplaces for Fourth Consecutive Year

Ensuring Identity Cyber Resilience at American Airlines

Ensuring business resilience with comprehensive identity protection

Sign Up for the Latest Semperis News