Semperis & Trellix unveil joint solution for cyber breach containment
Semperis and Trellix have unveiled a joint solution to accelerate the containment of cyber breaches. The novel offering from the identity-driven cyber resilience specialist and provider of an extended detection and response (XDR) platform promises unprecedented visibility into identity system infiltrations.
The Semperis-Trellix partnership deploys AI-driven threat identification and response from the Trellix XDR platform, in combination with the hybrid Active Directory and Entra ID ML-based monitoring and change tracking capabilities of Semperis DSP. This combination presents a formidable defence against attacks that begin by compromising a device and then progress via privilege escalation to the identity system. These attacks, unfortunately, constitute 90 percent of cyberattacks. Moreover, by significantly reducing the average 287 days it currently takes to detect, isolate and contain a breach—an estimate provided by IBM—this solution will save organisations precious time.
Speaking on the novel product, Semperis CEO Mickey Bresman noted that its inclusion of Semperis DSP enriches the Trellix XDR platform with contextual identity security data. Consequently, organisations will receive actionable recommendations from the integrated system that allow them to uncover compromised accounts, identify changes made to user and group permissions by adversaries, and automatically remedy such malicious alterations. "When an endpoint such as a workstation is compromised, Trellix's XDR provides critical information about endpoint attacks, including who was logged in when the incident occurred. From that point, Semperis DSP can analyse forensics data of changes made to the identity system, follow the path of activities made by the compromised account, and automatically undo those changes, dramatically reducing response time," Bresman explained.
Bresman also notes this combined capability enables organisations to adequately address the ongoing issue of threat actors compromising endpoints for their unscrupulous access, lateral network movement, and privilege escalation—laid bare by the attacks on identity systems, a crucial facet of business operations. In turn, organisations can halt ransomware attacks on their identity systems.
Trellix's SVP of Strategy and Services, Sean Morton, emphasised the value of merging Trellix's AI-powered XDR platform with Semperis DSP's continuous monitoring, change tracking, and automated remediation for hybrid AD environments. Morton said, "we're enabling organisations to stop threat actors in their tracks. Our partnership with Semperis furthers our mission to secure customers and enable them to proactively prevent and quickly remediate attacks across the ecosystem—from endpoint to the identity system."
The team-up between Semperis and Trellix to help contain cyber breaches is now available via their partner networks.