Semperis Directory Services Protector

Additional Info

CompanySemperis
Websitehttps://www.semperis.com 
Company size (employees)50 to 99
Type of solutionCloud/SaaS

Overview

Microsoft Active Directory (AD)—the distributed security system that controls user authentication and system authorization in 90%+ of the world’s medium and large organizations—was not built to stand up against today’s threats. Defenders must anticipate adversaries’ advances and be able to thwart attacks at every stage of the cyber killchain. Semperis Directory Service Protector (DSP) continuously monitors AD for indicators of exposure, detects advanced attacks, and enables rapid response.

Released in 2020, DSP v3.0 is the first-of-its-kind to address the entire lifecycle of a directory cyberattack–from monitoring pre-attack indicators of exposure to analyzing post-attack forensics, and everything in-between–all integrated into a single console.

DSP v3.0 introduces ground-breaking capabilities to scan AD for vulnerabilities, intercept attacks in progress, and immediately close backdoors created by an attacker or rogue administrator, so critical systems stay secure and available. Semperis raised the bar by delivering the industry’s most comprehensive approach to securing AD.

Key features of DSP v3.0 include:

–Vulnerability Assessment: Continuously monitors AD for indicators of exposure and prioritizes vulnerabilities by risk-level.
–Security Dashboard: Built-in threat intelligence paired with action-oriented guidance from a community of AD security researchers.
–Auto-Remediation: Instantly rolls back critical security-related or operational changes without requiring administrator intervention.
–Integrated Changes View: Enhanced user interface provides a single, consolidated view for real-time tracking and rollback of AD changes.
–New Report Authoring Tool: Includes reporting utility for sophisticated LDAP and DSP database queries to create custom security and compliance reports.
–Enhanced Logging: New audit notification events can be natively integrated into your SIEM system to speed up forensic analysis and troubleshooting.

DSP v3.0 empowers Semperis customers to be proactive about AD security by adding an extra layer of visibility and control in every stage of the killchain.

How we are different

--Unlike tracking tools that solely rely on security logs and agents on every domain controller, Semperis DSP monitors multiple data sources including the AD replication stream. The AD replication stream is the only reliable method of catching every change no matter how an attacker might attempt to cover their tracks. Semperis DSP forwards suspicious changes to your SIEM system with meaningful context, drastically reducing the burden on security analysts.


--Business applications on-premises and in the cloud depend on Active Directory, making it a critical piece of an enterprise’s IT infrastructure. However, securing Active Directory is difficult given its constant flux, sheer number of settings, and increasingly sophisticated threat landscape. With easy access to powerful hacking and discovery tools, attackers are increasingly adept at covering their tracks to silently create backdoors and establish persistent access inside of Active Directory. Semperis DSP stops attackers from gaining access to AD, captures AD changes that bypass security logs and automatically remediate malicious changes.


--Government agencies and Global 2000 enterprises already rely on Semperis DSP to defend against cyberattacks that routinely target Active Directory and increasingly circumvent security logging. Semperis DSP provides uninterrupted tracking of Active Directory modifications and immediate rollback of unwanted changes at the object and attribute level, without mounting backups or taking domain controllers offline.