Forest Druid by Semperis heralds the next generation of Attack Path Management – And it’s not about attack paths…
Sempiris, Provider of Israeli-American Identity Security and Resiliency for Active Directory and Provider of Successful Community Tool Purple KnightForest Druid has released a new level 0 attack vector detection tool for Active Directory environments. Forest Druid takes an in-house approach to managing attack paths, saving time and resources by prioritizing the most vulnerable assets. The tool detects vulnerable Tier-0 resources that would otherwise be detected and unprotected, and enables rapid remediation of vulnerabilities. Forest Druid is the latest among the many free tools offered by Sempiris. Most popular so far Purple KnightActive Directory, a hybrid cybersecurity assessment tool used by more than 10,000 organizations.
“IT security experts know you can’t protect what you can’t see,” Sempiris CEO Mickey Pressman explains. “Semberis incident response support is in high demand, so we know firsthand the alarming pattern of attacks that exploit unknown, unlocked Level 0 resources in Active Directory. Forest Druid visualizes Level 0 resources in AD and highlights any remaining relationships with those entities. This greatly helps reduce unnecessary permissions responsible for most attack paths on sensitive assets. Forest Druid Level 0 detection capabilities combined with Purple Knight’s extensive scans of compromise and attack indicators are a very powerful tool for IT security.”
In a typical enterprise Active Directory, there are countless attack vectors that an attacker can use to gain control of a domain. The problem is obvious: disproportionate permissions. However, it is impossible for IT security managers to examine every group and every user relationship. Rather than focusing on all potential attack paths, Forest Druid allows organizations to define a permission perimeter to constrain risky relationships in one place — Tier-0 assets and closely related entities that attackers can exploit to gain more permissions.
“Traditional tools that analyze the most common paths of attack to take control of a field from the outside in are very useful for attackers, but not for defenders,” says Ran Harrell, Semperis Principal Security Product Manager. “Forest Druid’s ability to approach defense from the inside out, starting with ear perimeter marking, is optimal for defenders. After all, the most used attack paths are not always the most dangerous. It is about protecting critical Level 0 assets effectively, as That attack paths are secondary to that.”
Forest Druid will initially be served by a certified network of partners who have thoroughly tested the tool and can help companies understand the meaning of their individual results. Companies that prefer not to work with one partner can use one early order Arrival Submit and the Sempiris team will contact you.
For more information on Forest Druid’s Level 0 attack path detection capabilities, see the resources below.
Forest Druid website: https://www.purple-knight.com/forest-druid/
“Social media evangelist. Baconaholic. Devoted reader. Twitter scholar. Avid coffee trailblazer.”