Member Article
Semperis adds community tool for cyber defenders to its arsenal, focused on defining privileged perimeter around tier 0 assets
Semperis, a pioneer of identity-driven cyber resilience for enterprises, today announced the availability of Forest Druid, a first-of-its-kind Tier 0 attack path discovery tool for Active Directory environments. Forest Druid takes an inside-out approach to attack path management, which saves time and resources by prioritising the most sensitive assets first. Forest Druid discovers vulnerable Tier 0 assets—that otherwise go unseen and unprotected—and allows for speedy remediation. Forest Druid is the latest of several free tools released by Semperis, the most popular to date being Purple Knight, a hybrid Active Directory cybersecurity assessment tool used by more than 10,000 enterprises.
“Defenders know you can’t protect what you can’t see,” said Semperis CEO, Mickey Bresman. “Semperis’ incident response support is in high demand, so we see first-hand the alarming pattern of attacks exploiting unknown and unsecured Tier 0 assets in Active Directory. Forest Druid visualises Tier 0 assets in AD and shines a spotlight on all the lingering ownership relationships to these entities, helping to dramatically reduce unnecessary privileges, which are responsible for most of the attack paths leading to your most sensitive assets. The Tier 0 discovery capabilities in Forest Druid combined with Purple Knight’s comprehensive assessment of indicators of exposure and compromise, form an extremely powerful resource for defenders.”
In a typical organisation’s Active Directory, there are countless attack paths an adversary can take to arrive at domain dominance. The problem is clear—excessive privileges. However, sifting through every group and user relationship is an impossible task for defenders. Instead of focusing on the most common attack paths, Forest Druid enables organisations to define a privileged perimeter to cut down on risky relationships at the source—the Tier 0 assets and surrounding entities attackers can exploit to gain more permissions.
“Traditional attack path tools, which analyse the most common paths to domain dominance from the outside in, work well for attackers but aren’t as practical for defenders,” said Semperis Principal Security Product Manager, Ran Harel. “Forest Druid’s ability to defend from the inside out, starting with defining the privileged perimeter, is optimal for defenders. After all, the most common attack paths aren’t always the most dangerous ones. It’s all about effectively securing Tier 0 critical assets, and the attack paths are secondary.”
This was posted in Bdaily's Members' News section by Amanda Hassall .