Unknown Vulnerabilities Become the Top Active Directory Security Posture Concerns

EMA Research Report


Most concerning risks:
  • Native Microsoft security flaws
  • Social engineering attacks, such as phishing
  • Attackers moving between AD on-premises and cloud
Top AD recovery concerns:
  • Not having a post-cyber-attack recovery plan
  • Inability to recover quickly
  • Not having a defined responsibility for AD recovery
Actions in response to SolarWinds attack:
  • 45% of organizations increased collaboration between operational and security teams
  • 44% percent increased focus on closing AD security gaps, detecting attacks, and ensuring malware-free backups
  • 37% added skilled practitioners to address AD security weaknesses
Unknown vulnerabilities top the list of Active Directory security concerns for IT security practitioners, according to a new report produced by Enterprise Management Associates (EMA) in collaboration with Semperis. Given that AD is a common attack vector for cybercriminals, it’s no wonder that unknown and unaddressed AD security gaps are a top priority. The new EMA report delves into challenges IT security practitioners face in closing AD security gaps and how organizations are responding to threats—like the SolarWinds attack—that demand a cross-organization response.


“Although it’s encouraging to see these evolving security practices and increased focus on securing Active Directory, there is still much work to be done,” said Paula Musich, EMA research director of risk and management.


Download the report for full details on how organizations are meeting identity system security challenges, including:
  • Identifying Active Directory security risks
  • Balancing Active Directory security on-premises and in the cloud
  • Addressing gaps in Active Directory skill sets

“Great product for peace of mind when protecting your Active Directory.”

– Microsoft System Engineer, Active Directory Services Sector


“Excellent software for Active Directory Recovery…[we] save a lot of time and headache. you can create a lot of useful reports and alerts.”

– Microsoft System Admin, Healthcare Industry


“Right on target. easy to restore full forest. easy to use. friendly interface ability to test the production in test environment. “

– Infrastructure and Operations, $50M+, Finance Industry

The product is great! Very good user interface and experience, and we feel secured with it on our side. The customer service is very good and helpful!

– CTO, $50M+, Healthcare Industry


 See full reviews on Gartner Peer Insights

Semperis is the third fastest growing cybersecurity company in the US.

Unlock cyber resilience. Request a Demo