Additional Info

Job title of nominated professional (or team name)Forest Druid
Company (where nominated professional or team is working)Semperis
Websitehttps://www.purple-knight.com/forest-druid/
Company size (employees)100 to 499
CountryUnited States
Headquarters RegionNorth America

Overview

In a typical organization’s Active Directory (AD), there are countless attack paths an adversary can take to arrive at domain dominance. In fact, AD is exploited in virtually every modern attack (e.g. SolarWinds). The problem is clear—excessive privileges. However, sifting through every group and user relationship is an impossible task for defenders.

Instead of focusing on the most common attack paths, Forest Druid enables organizations to define a privileged perimeter to discover the most dangerous attack paths and cut those risky relationships at the source—the Tier 0 assets and surrounding entities attackers can exploit to gain more permissions.

Forest Druid takes an inside-out approach to attack path management, which saves time and resources by prioritizing the most sensitive assets first. Forest Druid discovers vulnerable Tier 0 assets—that otherwise go unseen and unprotected—and allows for speedy remediation.

Forest Druid helps cybersecurity defender teams:
1. Uncover and define Tier 0 assets otherwise missed by default configurations
2. Scan AD for high-risk violations by applying Forest Druid’s scanning results to provide critical context, prioritize remediation, and lock down privileges with a special focus on Tier 0 assets
3. Simplify attack path management to improve security posture and increase efficiency for defenders, saving time and resources

 

Accomplishments

Forest Druid deserves recognition because:
- It is a first-of-its-kind Tier 0 attack path discovery tool for AD environments
- Forest Druid is a free community tool that offers a unique approach to attack path management and has seen rapid adoptions (hundreds of downloads) since its release in fall
- Rather than chasing down thousands of potential attack paths, defenders can save time by using Forest Druid to identify and address the most problematic security violations—the paths that lead directly to critical assets.