Sempiris’ new Azure AD offering enhances hybrid Active Directory security

Sempiris announces the preview release of Directory Services Protector 3.6. This release simplifies identity security management for hybrid environments that rely on both on-premises Active Directory and Azure Active Directory. New DSP features dedicated to detecting and addressing security risks in hybrid identity environments address attacks that target local ads to enter the enterprise, then propagate to the cloud, or vice versa, as was the case for SolarWinds.

In mixed AD environments, DSP unifies the view of security metrics for both AD and Azure AD. This allows IT teams to relate changes between on-premises and cloud environments that might indicate an attack is in progress. In a recent report published by 451 Research, analyst Garrett Baker points out the challenges of securing hybrid identity systems.

Sempiris DSP simplifies the protection of mixed AD environments by:

• Unified display of pre- and post-attack indicators, in both Active Directory and Azure Active Directory

• Track real-time attacks in Azure Active Directory and hybrid searches in both Active Directory and Azure AD

• Highlight actions that start locally and extend to Azure AD

• Create a risk profile based on other things on the MITER ATT & CK . security framework

• Continuous evaluation and improvement of the security posture of Hybrid AD to ensure an effective defense in the event of an attack

In conjunction with the launch of Directory Services Protector 3.6, Sempiris is releasing a new technical document that addresses significant security challenges in a hybrid Active Directory environment, “Securing Hybrid Active Directory Environments: A Practical Guide to Eliminating Vulnerabilities in Active Directory and Azure Active Directory.” This document, written by Semperis Product Manager Doug Davis, explains how to better defend against the increased attack surface caused by mixed identity environments.

In addition to fully protecting mixed AD environments, Directory Services Protector regularly updates its security indicators to counter threats detected by external sources or by Sempiris’ research team, such as indicators of critical print spooler vulnerabilities. Windows (PrintNightmare) and PetitPotam, which could allow the hacker to grant himself the “Manage Domain” privilege in the enterprise.

The evaluation version of Directory Services Protector for Azure Active Directory is available to Semperis customers, and is expected to be released in November 2021.