Identity Security has become not just a necessity for businesses and organisations but a requirement for them. Cyber attacks continue to evolve and threaten companies, but that's where an Identity Security specialist is the solution. TechDay spoke with Daniel Lattimer, Area Vice President for UK & Ireland at Semperis, to find out more about what the company does for its customers.
Semperis is a pioneer in identity security. It focuses on giving organisations full visibility and control of identity, and it enables organisations to prevent and recover from identity-based cyber attacks, which are increasing.
Semperis is headquartered in Hoboken, New Jersey, and operates internationally, with its research and development team distributed throughout the United States, Canada, and Israel. The company is growing fast in Europe and is actively looking to accelerate its business in the UK and Ireland.
The company has been operating since 2014 and has had a team based in the UK since 2020, but it has operated in the UK since Semperis's inception. The company has 13 people in the region, but its team is growing fast.
"Semperis is growing rapidly. We have been included in Deloitte's Technology Fast 500 for the three consecutive years. This is no easy feat," says Lattimer.
What does Semperis do?
Semperis provides a full suite of community and paid products designed to increase resiliency and to protect and recover Microsoft Active Directory (AD) and Azure AD, the primary identity stores used by enterprises worldwide. AD is essential to keeping businesses running, but a growing number of breaches involve AD, which is now exploited in 9 out of 10 cyber attacks.
Semperis' Directory Services Protector (DSP) addresses the challenges that organisations face in combatting the rise in attacks that focus on identity. These attacks often abuse on-premises AD, then move to Azure AD in the cloud or vice versa.
DSP provides continuous monitoring and visibility across hybrid AD (i.e., on-premises AD and Azure AD) environments, tamperproof tracking, and automatic rollback of malicious changes to AD.
In particular, the DSP Intelligence module provides automated security assessments. The module is designed to provide a range of security indicators and advanced pre-attack tests to harden hybrid AD against new adversary tactics and techniques. These capabilities help organisations spot weaknesses before attackers do and maintain a strong, continuous security posture.
DSP's threat-hunting and forensic capabilities have also proven to be extremely helpful for organisations in post-breach scenarios. These capabilities can help businesses understand how attackers broke in and how to close back doors for good.
Semperis' Active Directory Forest Recovery (ADFR) is the only backup and disaster recovery product purpose-built for AD. ADFR automates the entire forest recovery process, helping organisations rapidly conduct post-attack forensics and recover AD to a trusted, malware-free environment following a cyber disaster. ADFR recovery is also 90% faster than manual recovery processes and tools.
"We give our customers full visibility, control, and the ability to protect, detect, and fully recover from Identity-based attacks. It's the only way to ensure a highly resilient identity infrastructure," adds Lattimer.
Semperis also provides two free community tools enabling businesses to evaluate their AD security posture and fix gaps before attackers can exploit them.
The first is Purple Knight, an AD and Azure AD security assessment tool that provides visibility into hybrid AD environments, revealing exposure and compromise indicators. Purple Knight also gives actionable insight into how to improve your security posture.
In June 2022, Semperis introduced Purple Knight Post-Breach, a channel-only edition of Purple Knight that helps service providers conduct attack mitigation and recovery for their customers following an identity-based attack. This tool lets the company's partners conduct critical post-breach forensics as part of their incident response engagements, achieve malware-free recovery from AD attacks, and prevent follow-on assaults.
The other is Forest Druid, a tool that helps defenders identify the true Tier 0 security parameter and prioritise the repair of high-risk misconfigurations that could lead to an attack. Using these technologies in concert can further help improve companies' security posture, making it much harder for cybercriminals to succeed on their vicious path of destruction.
Interestingly, Semperis doesn't use AI. The company instead focuses on risks and issues that have been historically difficult to manage. Identity security is ever-changing, and these changes often introduce misconfigurations that create easier access for attackers.
Who are Semperis's customers?
AD is crucial to business operations across all industries, so Semperis doesn't focus on one particular niche or customer group. However, cyber resilience is particularly important in highly regulated industries such as financial services, critical infrastructure, and government.
One of the key challenges faced by Semperis's customers is that AD is a foundational piece of IT infrastructure for roughly 90% of organisations. AD was released 23 years ago and therefore isn't equipped to handle the highly sophisticated cyber threats that we face today.
AD was designed to facilitate ease of use: If a user is logged in to a network, then they are assumed to be trusted. However, this ethos makes life incredibly easy for any threat actor who successfully infiltrates a network.
For those that do, the rewards are significant. AD essentially holds the keys to your kingdom. Imagine a physical safe in which you store the keys to your office. AD is similar; it is the central hub of access to your critical systems, computers, software applications, and other resources.
This situation is dangerous because AD is both incredibly important and easy to attack. Roughly 90% of all businesses are exposed to security breaches because of AD vulnerabilities. Companies have paid ransoms as high as $40 million to regain access to their networks. In some scenarios, they have had to rebuild their IT estate from the ground up.
These challenges are exacerbated by Identity-based attacks that are becoming more prevalent in the market, and organisations are becoming more aware of the imperative to protect their identity systems. Gartner has recognised this and has recently defined a new category, identity threat detection and response (ITDR), for tools and processes that protect identity infrastructure from malicious attacks, detect and investigate breaches, and recover normal operations.
Operational resilience and cyber resilience initiatives are driving success. There is no end of cyber incidents in the news. Boards are asking, 'If this happened to us, how would we respond?' Recovery measured in days is unacceptable. Automation and speed are proving extremely valuable.
Hybrid and flexible work means that many organisations have adopted a hybrid identity infrastructure, combining cloud and on-premises IT to support new ways of working. However, the security risks of AD continue to be prevalent.
Typically, hybrid identity involves projecting an on-premises (office-based) identity to internet services, enabling employees to use one set of credentials to authenticate across all company resources. This makes the identity source for these credentials the keystone of the entire architecture. For 90% of enterprises, this identity source is still AD.
Identity theft protection must therefore be a priority, preventing attackers from using credentials to leverage AD and progress attacks.
Semperis's Channel Partners
Semperis has an impressive channel with a variety of organisations, ranging from large consultancies to global system integrators and regional value-added resellers. One of the key values that attracted Daniel Lattimer to Semperis was the company's mission to be a 'force for good.' When engaging with partners and customers, Semperis improves security postures, acts with integrity, earns trust, and ultimately is enjoyable to work with.