Semperis Expands Collaboration with Veritas
May 2024 by Marc Jacob
Semperis announced an enhanced solution integration with Veritas Technologies, a leader in secure multi-cloud data management, to stop bad actors from accessing sensitive corporate data at scale with time-saving attack-path analysis, reducing the risk of successful ransomware extortion through data exfiltration, encryption, or both. The enhancement builds on the Semperis Active Directory Forest Recovery (ADFR) and Veritas NetBackup collaboration announced in 2023.
The enhanced solution integration takes an innovative approach to attack-path discovery, monitoring, and management by prioritising risky access to the organisation’s most sensitive assets—including corporate data stores—reducing the time to cut excessive privileges that can lead to data exfiltration and encryption by malicious actors. Combined with the Semperis and Veritas comprehensive cyber-first AD backup and recovery solution, joint customers can now further benefit from unmatched identity system protection and resilience.
Through this deepened integration, Semperis and Veritas tackle the urgent need to identify and address accounts that have risky access to sensitive corporate data storage environments. This reduces the attack surface and limits malicious actors’ leverage. Additionally, real-time monitoring to detect unauthorised changes enables organisations to catch and contain attacks as early as possible.
The enhanced solution integration uses an API to mine Veritas’ data pool for information about the devices and applications that Veritas protects across an organisation’s environment. It then provides a map showing which identities have direct or indirect access to privileged accounts that could be used to gain control of a storage device or an entire network. Cyber defenders can use the solution, which is based on Semperis’ community attack path discovery tool Forest Druid, to define secure zones for privileged accounts, eliminate excessive privileges, and continuously monitor and roll back risky configurations that undermine overall security posture. The solution, which includes capabilities currently available in Semperis’ comprehensive identity threat detection and response (ITDR) platform Directory Services Protector (DSP), sends alerts and auto-remediates unauthorised changes when a malicious actor tries to join a privileged group with access to Veritas devices.
The enhanced solution integration will be available to current joint customers. Veritas customers who are not yet Semperis customers will have access to the attack path management tool powered by Forest Druid and can add alerting and rollback by deploying Semperis DSP.