Semperis , an identity-oriented cyber-resilience for enterprises, announced the preview release of Directory Services Protector 3.6, which simplifies identity security management in hybrid environments that use both on-premises Active Directory and Azure Active Directory. The company said, new DSP capabilities for detection and resolution of security risks in hybrid identity environments solve the challenge that organisations face in combating the increase in attacks that penetrate organisations through local AD and then move to the cloud —or vice versa — as happened in the attack on SolarWinds.
“There are many challenges in protecting hybrid identity environments, starting with the basic fact that, from a technical point of view, Active Directory and Azure Active Directory have little in common, other than name,” said Mickey Bresman. , CEO of Semperis. “Azure AD offers a different protocol stack that requires a very different approach to management, including protecting the identity system from cyberattacks. In a hybrid scenario, the potential attack surface is widened for opponents. It is quite common for attacks to start locally and move to the cloud, or go from the cloud to local. ”
In hybrid AD environments, DSP displays a single view of both AD and Azure AD security indicators – allowing IT teams to correlate changes in the on-premises and cloud environments that could be indicative of an attack in progress. In a recent 451 Research report, analyst Garrett Bekker pointed out the challenges of protecting hybrid identity systems.
“The natural importance of directories has increased due to the current migration of resources to the cloud, since each ‘cloud’ – be it an IaaS platform or a SaaS application – usually has its own identity repository in which they need work the applications, “says Bekker. “Consequently, keeping directories in a secure state has become a considerable challenge, partly due to the fact that most directories are constantly in flux, as a result of new users being added or relocated, as well as the installation of new applications. ”
Semperis has also released a new white paper that addresses the major challenges of protecting a hybrid Active Directory environment.
In addition to providing comprehensive threat protection for hybrid AD environments, Directory Services Protector is also said to provide frequent security indicators in a continuous release cycle to resolve threats detected by the Semperis research team or in response to externally emerging threats. Recent posts resulting from private work by the Semperis research team include flags for the critical vulnerability of Windows Print Spooler ( PrintNightmare ) and PetitPotam , which can allow an attacker to obtain all domain administrator permissions for an organisation.