Semperis extends Active Directory’s cyberattack recovery capabilities with built-in post-attack analysis and rapid operating system provisioning



Semperis’ latest Active Directory Forest Recovery (ADFR) enhancements help organizations accelerate post-cyberattack recovery in a trusted environment, minimizing business impact

HOBOKEN, New Jersey–(BUSINESS WIRE)–Semperis, the pioneer of identity-based cyber resiliency for enterprises, today announced innovations in its Active Directory Forest Recovery (ADFR) product that extend the company’s offerings to help organizations quickly conduct post-attack Active Directory forensics and recovery in a reliable, malware-free environment after a cyber disaster.

Building on Semperis’ mission of cyber-first Active Directory (AD) disaster recovery, the enhancements help organizations detect and remove backdoors and persistence that might remain in AD itself after a cyberattack and provide a new operating system provisioning tool that speeds up the AD recovery process. The new capabilities help victims of cyberattacks quickly conduct reconnaissance efforts when responding to a post-attack incident, when every minute counts.

“When an organization’s Active Directory environment is impacted by a cyberattack, time is running out to eliminate all traces of the compromise and fully recover AD,” said Semperis CEO Mickey Bresman. “We partner with some of the world’s leading consulting and incident response companies to conduct incident response for multinational corporations that have experienced cyberattacks. Following an attack, organizations are understandably concerned with getting back to business as quickly as possible. But without thoroughly scanning the environment for any remaining traces of post-attack persistence, the victim organization risks reintroducing the infection, prolonging business disruption. Recent ADFR innovations provide essential solutions for rapidly conducting in-depth incident response to restore business and minimize damage.”

A cyber-first disaster recovery strategy is an essential part of broader business continuity planning. In a recent report, Gartner predicted that by 2025, at least 75% of IT organizations will experience one or more attacks. To speed recovery from attacks, Gartner recommends adding a dedicated tool for Microsoft Active Directory backup and recovery. The report concludes that “organizations without a useful backup system will have few options other than paying the ransom.”1

New ADFR capabilities address increasingly common types of attacks in which the environment is penetrated weeks or months before the final malware payload is executed. ADFR’s post-recovery analysis allows incident response teams to identify changes made by adversaries within a defined attack window, speeding up investigation. ADFR helps organizations determine if an attack was in progress when an environment backup was performed. Following an AD recovery, response teams can use ADFR’s post-recovery investigation to find and fix vulnerabilities before putting the recovered environment back into production.

The new OS Provisioning Tool in ADFR addresses the challenge of quickly creating an isolated recovery environment, which is the first step in an AD forest recovery. Response teams can use the standalone PowerShell-based tool to set up a test environment to validate a recovery plan and to conduct remediation efforts without alerting malicious actors who might be lurking in the environment, ready to deploy additional malware.

“Semperis pioneered clean Active Directory recovery with the introduction of ADFR,” said Darren Mar-Elia, vice president of products at Semperis. “With ADFR’s new capabilities, we are pioneering the ability to find the needle in the haystack following a cyberattack, the persistent and potentially devastating security backdoors that can keep business operations paralyzed. Building on our unique cyber-first AD recovery foundation, ADFR’s innovations give victims of cyberattacks the peace of mind that they can fully recover critical business systems in a verifiable trusted environment.”

For more information on new ADFR features, visit

1. Gartner, Inc., “How to Protect Backup Systems Against Ransomware Attacks,” Nik Simpson, September 21, 2021.

About Semperis

For security teams tasked with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step of the cyberattack chain and reduces recovery time by 90%. Specifically designed to secure hybrid Active Directory environments, Semperis’ patented technology protects over 50 million identities from cyberattacks, data breaches and operational errors. Leading global organizations trust Semperis to detect directory vulnerabilities, intercept ongoing cyberattacks, and quickly recover from ransomware and other data integrity emergencies. Semperis is headquartered in Hoboken, New Jersey, and operates internationally, with its research and development team split between San Francisco and Tel Aviv.

Semperis hosts the award-winning Hybrid Identity Protection conference and podcast series and created the free Active Directory security assessment tool, Purple Knight. The company has received the highest level of accolades in the industry, recently named to Deloitte’s Technology Fast 500™ list for the second consecutive year (2020-2021) and ranked among the top three fastest growing cybersecurity companies on the 2021 Inc. 5000 list. Semperis is accredited by Microsoft and recognized by Gartner.



Caroline Morey

fame PR for Semperis

Copyright © acrofan/Business Wire All Rights Reserved
