Semperis Adds Intelligence To Its Identity Resilience Platform

Identity attacks can allow hackers to move laterally across a network.

Semperis recently announced the addition of a new feature to its Lightning platform—Lightning Intelligence.

The Lightning platform offers identity-based threat detection and response with a specific focus on Active Directory and Microsoft Entra. Lightning Intelligence adds the ability to track “security posture across multi-forest Active Directory (AD) and multi-tenant Entra ID environments and provides security trend reports,” according to a news release from Semperis.

Lightning Intelligence is of benefit particularly to small and mid-sized organizations with its easy deployment and automated scanning, Semperis said in its announcement.

The new feature includes a dashboard giving users visibility into the security posture of multi-forest or multi-tenant Entra ID environments. Other capabilities include scheduled and on-demand scanning for indicators of exposure (IOEs), constantly updated security indicators, and on-demand security reports for each forest and tenant.

"Cyberattacks that move between the online and on-prem identity systems have been hard to detect and remediate, leading to devastating attacks across every industry. Lightning Intelligence provides a simple way to track overall security posture, with a flexible deployment model as a SaaS or an on-prem offering,” Semperis CEO Mickey Bresman said in a news release.

Earlier this year, Semperis' VP of products, Darren Mar-Elia, spoke with MES Computing about how identity-based attacks differ from other cyberattacks.

“The thing that's unique about identity is if an attacker compromises identity, and an identity system, then they have access to everything,” Mar-Elia said.

“If I'm an attacker that lands on a workstation and I phish the user and I gain access to their workstation, then my scope of control is fairly limited unless there's some really bad hygiene going on in that network.

But if I can then move laterally to a position where I have privileged access to the identity system, meaning that I can get access to all users' password material or password hash material, or I can make changes to the identity system that allows me to distribute malware, then all bets are off,” he added.

Mar-Elia also spoke about the machine learning that fuels the Lightning platform. Read the full interview with Mar-Elia here.