Semperis Solutions for the Public Sector

Semperis Active Directory Forest Recovery (ADFR) was initially conceived as a disaster recovery tool that can restore AD forests to the latest backup, even if the backup was infected with malware, through its patented ability to abstract AD from the underlying OS. For that reason, ADFR has evolved into a ransomware recovery tool for AD that can:

• Auto-recover an entire AD forest
• Perform" stress testing" of AD backups
• Use unique encryption keys for backup sets
• Supports SAML and multifactor authentication
• Prevent OS-level re-infections
• Offers advanced forensics search

Provides post-attack forensics to help organizations understand how attackers broke in and close remaining backdoors.

Semperis Directory Services Protector (DSP) is the industry's most comprehensive Active Directory (AD) threat detection and response platform. DSP continuously probes your AD for vulnerabilities and indicators of compromise, provides unmatched visibility into attacks that SIEMs often miss, and locks down sensitive accounts with auto-remediation capabilities. DSP’s powerful capabilities include:

• Tamper-proof Tracking
• Instant Find & Fix
• Replication Stream Visibility

Semperis Purple Knight is a free tool that enables any organization to spot weaknesses in Active Directory—the primary identity system for 90% of organizations worldwide—before attackers do. Attackers take advantage of weak Active Directory configurations to identify attack paths, access privileged credentials, and get a foothold into target networks. Purple Knight queries your Active Directory environment and performs a comprehensive set of tests against the most common and effective attack vectors to uncover risky configurations and security vulnerabilities. You receive prioritized, corrective guidance to close gaps before they get exploited by attackers. Purple Knight is a standalone utility that scans the Active Directory environment for indicators of exposure (IOEs) and indicators of compromise (IOCs), allowing identity and security teams to:

• Identity and proactively close security gaps that cybercriminals commonly exploit
• Use severity ratings (informational, warning, or critical) in the Purple Knight report to prioritize remediation efforts
• Align mitigation efforts to comply with MITRE ATT&CK and ANSSI frameworks
• Apply findings to pre-attack prevention efforts as well as post-attack forensics
• Continuously assess overall security posture by periodically repeating the scans to uncover new misconfigurations and continually improve the assessment score