Recognizing that Active Directory is a prime attack target, the infrastructure team at ADP, a global provider of cloud-based human capital management (HCM) solutions, looked for a solution that could help them continuously assess their legacy AD environment for misconfigurations. Semperis Directory Services Protector (DSP) is now a key component of their identity security strategy.

Tony Fang, ADP lead infrastructure engineer, said the team uses the constantly updated security indicators in DSP to uncover new vulnerabilities and address them on a systematic basis to continuously improve their overall security posture.

“We discover new things all the time,” said Fang. “Semperis has been a great help for us. I’ve done a lot with AD hardening, and the security indicators have been really helpful for me and my team.”

The infrastructure team collaborates with the SOC team to remediate risk in their multi-forest environment.

“Whatever they find, we help remediate,” said Fang. “We’re always looking at those scores now.”

“We also use DSP’s auto-undo on certain things like domain admin groups. So if someone is added to that group, DSP will pull them right back out. That’s probably one of the best features that we use.”

Tony Fang, Lead Infrastructure Engineer, ADP

One of the DSP features that’s been most helpful for the infrastructure team is automatic rollback of malicious changes. Before they implemented DSP, restoring objects was a time-consuming, complex process.

“With Semperis, it’s a lot easier,” he said. “We also use the auto-undo on certain things like domain admin groups. So if someone is added to that group, DSP will pull them right back out. That’s probably one of the best features that we use.”

Continuously improving identity security posture

ADP uses DSP to continuously assess security in their multi-forest Active Directory environment:

  • Continuously scan AD for changes or misconfigurations that could create open doors for cyberattackers
  • Evaluate the AD environment using DSP’s constantly updated security indicators to guard against emerging threats
  • Use DSP’s automated remediation capabilities to immediately roll back malicious changes, such as users added to the domain admin group