Security News > 2021 > May > Semperis DSP 3.5 provides automated security assessments of Microsoft Active Directory
Semperis announced the general availability of Directory Services Protector 3.5, which includes DSP Intelligence, a new module that provides automated security assessments of Microsoft Active Directory.
DSP Intelligence proactively uncovers dangerous vulnerabilities that arise from external threat actors, systemic weaknesses in default identity and access settings, and even internal configuration drift that leads to security regression.
The continuous security assessment capabilities now available in DSP Intelligence address the skyrocketing proliferation of cyberattacks-including the infamous SolarWinds supply-chain attack and the Hafnium attack on Microsoft Exchange-that target identity systems, especially AD. As the gatekeeper to critical applications and data in 90% of organizations worldwide, AD is a common access vector for attackers and extremely complex to secure given its constant flux, sheer number of settings, and the increasingly sophisticated threat landscape.
Findings from companies using Semperis' free Purple Knight security assessment tool revealed that even large organizations with significant investments in security resources are failing to close critical gaps in AD, scoring an average of 61%, with Kerberos authentication being the top risk area.
To get ahead of attackers, DSP Intelligence continuously queries an organization's AD environment and performs a comprehensive set of tests against the most common and effective attack vectors that correlate to known security frameworks such as the MITRE ATT&CK. With the addition of DSP Intelligence, Semperis further establishes DSP as the industry's most comprehensive AD threat detection and response platform.
DSP Intelligence - Security validation and breach prevention.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/kyCDJ5ZvLIE/
Related news
- Microsoft overhauls security for publishing Edge extensions (source)
- Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Microsoft warns it lost some customer's security logs for a month (source)
- Microsoft lost some customers’ cloud security logs (source)
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)