SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Semperis announces security-centric Active Directory solution
Thu, 17th Aug 2023

Semperis has launched a security-centric Active Directory (AD) migration and consolidation solution. The offering combines Semperis' new Migrator for AD with identity security expertise to help organisations migrate, consolidate, and modernise AD systems while improving security, according to the company.

Semperis appointed Michael Masciulli as Managing Director of Migration Products and Services to drive the global program rollout in collaboration with Semperis strategic partners, who have tested the tool and will support customers in tandem with Semperis in-house AD migration services team.

Marty Momdjian, Healthcare Solutions Advisor at CDW, a Semperis partner, comments, "Some organisations are spurred to action by their security teams."

"One common finding in cyber audits is that many organisations have old, sprawling AD infrastructures with disparate domains and different standards. Care and feeding for AD was not the priority for the last 15-plus years."

"These environments are extremely vulnerable to threat actors getting in and causing damage. CISOs are now using these audits as a catalyst for AD consolidation projects to reduce security risks, secure identities, and reduce unexpected downtime."

"We're excited about the opportunity to tap into Semperis AD expertise and purpose-built solutions to accelerate AD modernisation and secure consolidation for our customers," Momdjian concludes.

Semperis offers a comprehensive AD migration and consolidation solution, backed by identity security tools and expert support to ensure projects stay on track while prioritising AD security throughout the process. 

  • Preparation: Pre-migration vulnerability assessments with multiple tools, including Purple Knight (to identify and remediate existing security gaps) and attack-path analysis tool Forest Druid (to close risky access and map privileged accounts), plus easy testing of the migration process by cloning the production environment with Active Directory Forest Recovery (ADFR).
  • Execution: Monitoring with Directory Services Protector (DSP) to get visibility across all source and destination AD environments, track changes, and quickly roll back unintended changes up to the attribute level; malware-proof backups of the AD forest with ADFR for a safety net; and secured migration with Semperis Migrator for AD, which manages AD object synchronisation, password migration and synchronisation, and other functions that streamline the migration process without requiring AD trust between environments. 
  • Post-migration monitoring: Continuous assessment of the destination AD with DSP to stop configuration drift before it starts and assess the new environment for indicators of exposure (IOEs) and compromise (IOCs). 

Darren Mar-Elia, Semperis VP of Products, says, "Years of configuration drift, poor security practices, and multi-forest environments through mergers and acquisitions have introduced risky vulnerabilities into enterprise AD systems, creating a huge market demand for modernisation. However, most organisations delay these initiatives because of the time, effort, and security risks involved."

"Semperis is making life easier by offering a comprehensive AD migration and consolidation solution backed by industry-leading identity security tools and expert support to ensure your project stays on track while prioritising AD security posture throughout the process. With his extensive experience managing large and complex AD migrations, I'm thrilled Michael Masciulli is leading the charge."

In Masciulli's previous roles leading migration products and global managed services for Quest, Binary Tree, and EMC, he says he observed many organisations deferring AD migration projects because they lacked the tools and expertise to execute on time and on budget. However, with AD-based cyber attacks on the rise, AD modernisation is a top priority for security leaders.

Reducing the attack surface is now the main driver for organisations to migrate to a pristine AD forest or consolidate domains and forests. Filling a critical gap in the market, Semperis' first-of-its-kind AD migration and consolidation solution includes built-in security capabilities to avoid unnecessary security exposures during the process. 

Masciulli says, "Legacy migration tools have failed to meet the evolving needs of modern businesses, which need innovative, efficient, and secure solutions. And first-hand experience with migrating complicated AD environments is hard to find.

"I'm thrilled to join the Semperis team - the industry leader in comprehensive identity system security and recovery - in bringing much-needed AD migration guidance to organisations. Together with our partners, we can help enterprise organisations break through the inertia and get critical AD modernisation projects done efficiently and methodicallywhile improving security."