Joint solution combines unprecedented visibility into the identity system with comprehensive extended detection and response (XDR), significantly reducing time to detect and contain attacks involving Active Directory (AD) and Entra ID.
Semperis, a pioneer in identity-driven cyber resilience, today announced a joint offering with Trellix, whose XDR platform is used by 40,000 organisations, including 80 percent of the Fortune 100, providing unmatched visibility into identity system breaches with extended detection and response (XDR) to accelerate attack detection and containment of identity-based attacks.
The Semperis-Trellix partnership combines AI-driven threat detection and response from the Trellix XDR Platform with hybrid Active Directory and Entra ID ML-based monitoring and change tracking from Semperis Directory Services Protector (DSP) to identify and address attacks that start with device compromise and move laterally through privilege escalation to the identity system—the common target in 90 percent of cyberattacks. The joint solution saves time in detecting, isolating, and containing attacks, which today takes an average of 287 days, according to IBM research.
Semperis DSP adds rich, contextual identity security data to the Trellix XDR platform, providing organisations with actionable recommendations based on identity system forensics to uncover which accounts were compromised, see adversary-made modifications to group and user permissions, and auto-remediate malicious changes.
“When an endpoint such as a workstation is compromised, Trellix’s XDR provides critical information about endpoint attacks, including who was logged in when the incident occurred,” said Mickey Bresman, CEO, Semperis. “From that point, Semperis DSP can analyse forensics data of changes made to the identity system, follow the path of activities made by the compromised account, and automatically undo those changes, dramatically reducing response time.”
The combined capabilities of Semperis and Trellix help organisations deal with the persistent problem of threat actors gaining system access by compromising endpoints, moving laterally through the network, and escalating privileges to take control of, and hold for ransom, the entire identity system—the backbone of the organisation’s business operations.
“By combining Trellix’s AI-powered XDR Platform with Semperis DSP’s continuous monitoring, change tracking, and automated remediation for hybrid AD environments, we’re enabling organisations to stop threat actors in their tracks,” said Sean Morton, SVP Strategy and Services, Trellix. “Our partnership with Semperis furthers our mission to secure customers and enable them to proactively prevent and quickly remediate attacks across the ecosystem—from endpoint to the identity system.”
The Semperis-Trellix offering is available through the companies’ extensive partner networks. To learn more, visit Semperis.com.