Semperis, a pioneer in AI-powered identity security and cyber resilience, announced Service Account Protection Essential, a new edition of Directory Services Protector (DSP) that provides unmatched visibility, monitoring, and alerting for Active Directory service accounts, a prime target for cyber attackers.
"Service accounts are pernicious and nearly ungovernable by nature, so organizations struggle to adequately address them in security planning," said Ran Harel, Semperis AVP of Security Products, adding "Think about how many applications are onboarded and retired over the course of an Active Directory's lifespan. Each one of these applications may have several service accounts that connect them to AD."
Service accounts
With Service Account Protection Essential, organizations can identify service accounts
"Those service account permissions are a black box, with passwords that are static or stale, but no one dares delete them. They're an obvious target for attackers because of their ungovernable state," continues Ran Harel.
With Service Account Protection Essential, organizations can identify service accounts, build an inventory, and continually monitor them for security vulnerabilities with specialized indicators developed by Semperis’ expert threat research team.
Service Account Protection discovers unknown and misplaced service accounts, detects stale and misconfigured accounts, identifies risky configurations and critical exposures, and alerts on malicious and anomalous behavior.
SolarWinds attack
Alex Weinert, Semperis Chief Product Officer, points out that the SolarWinds attack highlighted the vulnerability of service accounts, which have long been a favored target for threat actors.
"Service accounts are very attractive to attackers," said Alex Weinert, former Microsoft VP of Identity Security, adding "These accounts tend to proliferate in legacy AD applications and acquire excessive privileges over time, making them an obvious target for malicious actors, especially when service accounts are included in privileged cloud roles or groups tied to Microsoft 365."
He continues, "Service Account Protection Essential gives organizations unprecedented visibility into their service account security posture by helping them identify service accounts, create an inventory, and continuously monitor them to reduce the overall attack surface of the hybrid AD environment."
Release of DSP
The latest release of DSP includes new capabilities that save time for security practitioners who manage Active Directory and Entra ID object lists and automated response rules. Security teams can now quickly group AD and Entra ID objects, including privileged accounts and service accounts, into object categories to simplify administration, enable quick changes, and set automated response rules to undo malicious changes as they are detected.
Building on the most comprehensive hybrid Active Directory threat detection and response platform, the enhanced DSP dashboard provides a comprehensive breakdown of recent changes in AD, recent attack detection events, overall system health, and comprehensive risk scoring to help security teams quickly respond to identity threats and communicate identity security posture within their organizations.
Learn why leading casinos are upgrading to smarter, faster, and more compliant systems
