Semperis leverages existing identity security capabilities along with a new migration tool, to offer a comprehensive Active Directory transition and consolidation offering. Credit: Gorodenkoff / Shutterstock Companies often have extended, complex Active Directory infrastructures that have been expanded over time to encompass different domains, potentially creating security issues when they move to a new AD environment. A new AD migration and consolidation offering from identity-based cybersecurity provider Semperis is designed to tackle this problem head-on, streamlining the transition process while ensuring organizations’ security posture. The offering combines a new Migrator for AD product with a suite of existing Semperis capabilities designed for security-centric AD migration. AD migration involves the process of moving or transitioning from one Active Directory environment to another. This could mean migrating from an older version of Windows Server to a newer version, consolidating multiple AD forests (group of AD domains connected hierarchically) or domains into a single forest or domain, or even moving from on-premises AD to cloud-based services like Azure Active Directory. Active Directory migration risks Existing products lack security layering in the migration process, which leads to configuration drifts, unmanageable multiforests risks, and attack surface proliferation, claims Michael Masciulli, managing director of migration products & services atSemperis. “Our solution includes comprehensive AD security and recovery capabilities to provide a critical safety net that is often overlooked but highly valued in the migration process,” Masciulli said. The new Semperis migration program is being offered as an on-premises deployment, but the company plans a SaaS release, and anticipates offering term and perpetual licensing. Semperis did not disclose a release date for the SaaS version, or details on pricing. The migration system brings together a variety of products from Semperis’ existing armory, including Purple Knight, Forest Druid, Active Directory Forest Recovery (ADFR), and Directory Services Protector (DSP). While Purple Knight and Forest Druid are used in premigratory preparations for vulnerability assessments and attack path analysis, respectively, while ADFR is used as a pre- as well as post-migration tool to clone the AD environment for testing and recovery purposes. DSP monitors all source and destination AD environments to track changes and roll back unintended changes (with ADFR) up to the attribute level. Existing techniques need modernization “We help organizations design their AD infrastructure to meet modern security standards, monitor for existing indicators of exposure (IOEs) and compromise (IOCs), indicators of attacks, and other vulnerabilities including password spray, Golden Ticket, and Kerberoasting attacks,” Masciulli said. “We also mitigate the risks of migration by creating an exact copy of the production AD to test the migration beforehand, monitor for new vulnerabilities, and quickly roll back any unintended changes.” The new offering will also monitor the destination AD to stop configuration drift before it starts and continuously assess the new environments for IOEs and IOCs, Masciulli added. Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe