Semperis Active Directory Forest Recovery (ADFR) was initially conceived as a disaster recovery tool that can restore AD forests to the latest backup, even if the backup was infected with malware, through its patented ability to abstract AD from the underlying OS. For that reason, ADFR has evolved into a ransomware recovery tool for AD that can:
Provides post-attack forensics to help organizations understand how attackers broke in and close remaining backdoors.
Semperis Directory Services Protector (DSP) is the industry's most comprehensive Active Directory (AD) threat detection and response platform. DSP continuously probes your AD for vulnerabilities and indicators of compromise, provides unmatched visibility into attacks that SIEMs often miss, and locks down sensitive accounts with auto-remediation capabilities. DSP’s powerful capabilities include:
Semperis Purple Knight is a free tool that enables any organization to spot weaknesses in Active Directory—the primary identity system for 90% of organizations worldwide—before attackers do. Attackers take advantage of weak Active Directory configurations to identify attack paths, access privileged credentials, and get a foothold into target networks. Purple Knight queries your Active Directory environment and performs a comprehensive set of tests against the most common and effective attack vectors to uncover risky configurations and security vulnerabilities. You receive prioritized, corrective guidance to close gaps before they get exploited by attackers. Purple Knight is a standalone utility that scans the Active Directory environment for indicators of exposure (IOEs) and indicators of compromise (IOCs), allowing identity and security teams to: