Forest Druid simplifies the protection of Tier 0 resources

New tool from Semperis for the security community
Forest Druid simplifies the protection of Tier 0 resources

providers on the topic

Forest Druid is a novel Tier 0 attack path detection tool for Active Directory environments from Semperis, the provider of the successful community tool Purple Knight. Forest Druid takes an inside-out approach to managing attack paths, saving time and resources by prioritizing the most vulnerable assets.

IT security experts know that you can’t protect what you can’t see. The new tool Forest Druid from Semperis aims to remedy this.

(Image: malp – stock.adobe.com)

Forest Druid by Semperis detects vulnerable Tier 0 resources that would otherwise go undetected and unprotected, and enables the vulnerabilities to be remediated quickly. Forest Druid is the latest of several free tools that Semperis offers. The most popular to date is Purple Knight, a hybrid Active Directory cybersecurity assessment tool used by more than 10,000 organizations.

“IT security experts know that you can’t protect what you can’t see,” explains Mickey Bresman, CEO of Semperis. “Semperis Incident Response support is in high demand, so we know firsthand the worrying pattern of attacks that exploit unknown and unsecured Tier 0 resources in Active Directory. Forest Druid visualizes Tier 0 resources in AD and floodlights any remaining relationships to those entities. This helps drastically reduce unnecessary permissions that are responsible for most attack paths to sensitive assets. Forest Druid’s Tier 0 detection capabilities combined with Purple Knight’s extensive scans for indicators of compromise and attack are a very powerful tool for IT security.”

Forest Druid by Semperis aims to simplify the protection of Tier 0 resources.
Forest Druid by Semperis aims to simplify the protection of Tier 0 resources.

(Image: Semperis)

In a typical enterprise Active Directory, there are countless attack vectors that an attacker can use to gain control of a domain. The problem is clear: disproportionate permissions. However, it is impossible for IT security managers to scrutinize every group and every user relationship. Rather than focusing on all possible attack paths, Forest Druid allows organizations to define a permissions perimeter to restrict risky relationships in one place—Tier-0 assets and closely related entities that attackers can exploit to gain more permissions.

See also  What is the recommended food for an obese dog?

“Traditional tools that analyze the most common attack paths to gain control of a domain from the outside in are very useful for attackers, but not for defenders,” says Ran Harel, Principal Security Product Manager at Semperis. “Forest Druid’s ability to approach defense from the inside out, beginning with defining the Perimeter of Permission, is optimal for defenders. After all, the most commonly used attack paths are not always the most dangerous. It’s about effectively protecting Tier 0 critical assets and the attack paths are secondary to that.”

Forest Druid will initially be offered through an approved network of partners who have thoroughly tested the tool and can help companies understand the meaning of their individual results. Companies that prefer not to work with a partner can submit an early access request and the Semperis team will be in touch with them.

(ID:48564477)

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.