Directory Services Protector

Additional Info

CompanyDirectory Services Protector
Company size (employees)100 to 499
Type of solutionCloud/SaaS


Semperis Directory Services Protector introduces ground-breaking capabilities to scan Active Directory and Azure Active Directory for vulnerabilities, intercept attacks in progress, and immediately close backdoors created by an attacker or rogue administrator, so critical systems stay secure and available. Semperis raised the bar by delivering the industry’s most comprehensive approach to securing AD and Azure AD.

Key features of Semperis DSP include:

Vulnerability Assessment: Continuously monitors AD for 80+ indicators of exposure and prioritizes vulnerabilities by risk level.

Advanced Attack Detection: Uses multiple data sources to detect advanced attacks that move laterally through the network, bypassing traditional security logging.

Auto-Remediation: Instantly rolls back critical security-related or operational changes without requiring administrator intervention.

Accelerated Incident Response: Speeds forensic analysis to isolate compromised accounts and prevent future attacks.

Azure Active Directory backup and recovery: Ensures fast recovery of Azure AD resources (roles, groups, users) after a cyberattack or other incident.

Hybrid AD security visualization: Displays unintended or malicious changes in the hybrid identity environment, allowing correlation between on-premises AD and Azure AD.

Azure AD change tracking: Monitors changes to role assignments, group memberships, and user attributes in Azure AD.

Out-of-the-box SIEM integration with Microsoft Sentinel, Splunk, LogRhythm, and others.

How we are different

Comprehensive threat detection and response for hybrid identity environments encompassing both on-premises Active Directory and Azure Active Directory: Semperis Directory Services Protector (DSP) continuously monitors Active Directory and Azure Active Directory for indicators of exposure and provides a single view of activities on-prem and in the cloud. DSP’s capabilities for detecting and remediating security risks in hybrid identity environments address the challenge organizations face in combatting the rise in attacks that enter organizations through on-premises AD, then move to the cloud—or vice versa—as in the SolarWinds attack. DSP also includes backup and recovery for Azure AD resources (users, groups, roles) that could be compromised during a cyberattack, bringing business operations to a standstill.

Tamperproof tracking: Unlike tracking tools that solely rely on security logs and agents on every domain controller, Semperis DSP monitors multiple data sources including the AD replication stream. The AD replication stream is the only reliable method of catching every change no matter how an attacker might attempt to cover their tracks. Semperis DSP forwards suspicious changes to your SIEM system with meaningful context, drastically reducing the burden on security analysts. 

Automated remediation: DSP provides granular and flexible rollback of unwanted or malicious changes as well as automated remediation of changes without user intervention.