Semperis- Experts & Thought Leaders

Semperis, a pioneer in identity-driven cyber resilience, announced the release of Lightning Identity Runtime Protection (IRP), a new identity threat detection and response (ITDR) offering that uses machine learning models developed by identity security experts to detect widespread and successful attack patterns such as password spray, credential stuffing, other brute force attacks, and risky anomalies. The first offering in the Semperis Lightning™ platform, IRP brings critical identity context to attack pattern and anomaly detection, helping organisations spot and quickly respond to high-risk events. Semperis' real-world experience Lightning IRP addresses a persistent problem for cyber defenders: Known identity attack patterns like password spraying continue to be extremely successful because of the difficulty in detecting and responding to the sheer signal volume and noise. Lightning IRP focuses defenders on the most critical identity attack alerts and reduces noise  Using trained algorithms based on Semperis' real-world experience responding to identity attacks in the wild and supporting the world's largest enterprises and government agencies, Lightning IRP detects sophisticated identity attacks that traditional ML solutions miss. Lightning IRP focuses defenders on the most critical identity attack alerts and reduces noise by layering in an identity-risk fabric that draws insights from multiple sources, including: Directory change tracking data across hybrid Active Directory and Entra ID environments. Hundreds of security indicators of exposure and compromise, regularly updated by Semperis' identity threat research team. Tier 0 attack path analysis to map out risky relationships to privileged groups with access to sensitive data. Real-life identity system “Detecting an anomaly is relatively easy,” said Semperis CEO Mickey Bresman. “Putting it into context is where the challenge is. We’ve combined deep machine learning expertise with our first-hand knowledge of how real-life identity system attacks work to provide meaningful context that helps organisations isolate and address high-risk threats.” “IRP uses a growing threat library of exposures, compromises, and attack patterns in parallel with a continuous stream of identity security data to significantly accelerate an effective response to identity system threats,” said Semperis Chief Scientist Dr. Igor Baikalov, who before joining Semperis led the development of security intelligence and risk analytics solutions at Bank of America. “Identity Runtime Protection focuses on several use cases, including anomalous logons and service ticket anomalies, that have been problematic for years because they are hard to detect and respond to at scale,” said Dr. Baikalov. Semperis’ identity threat intelligence Lightning IRP captures, analyses, and correlates authentication activities with Semperis’ identity threat intelligence to detect known attack patterns or signal malicious behaviour, including: Password spray attacks: Monitors logon attempts to detect patterns indicative of a password spray attack. Brute force attacks: Monitors repeated and rapid logon attempts against a single user to detect potential brute force attacks. Anomalous logons: Look for user logon anomalies that indicate an anomalous logon attack on AD. Anomalous resource access: Monitors a user’s activity and any interaction with services that indicate an attack on AD services. Service ticket anomalies: Look for suspicious service ticket requirements that indicate a Kerberoasting attack on AD. Attack pattern detection capabilities “Lightning IRP builds on our current offerings of pre-attack scanning for indicators of exposure and compromise and our ability to see changes happening across on-premises Active Directory and Entra ID,” said Semperis VP of Products Darren Mar-Elia. “We’re extending our live attack pattern detection capabilities, changing the way the industry applies machine learning to detect cyberattacks.”

Cybersecurity breach containment is tipped to be one of the key talking points on the show floor at the year’s Infosecurity Europe, the most influential information security event running from 20-22 June 2023 at ExCeL London. Insights, advice, and strategy for cybersecurity Attendees will be able to meet leading cybersecurity providers and consultants, to find solutions to their challenges and equip themselves with tools to deliver an effective strategy.   As cybersecurity breaches continue to steal the headlines, exhibitors at Infosecurity Europe are lining up to provide insight and advice to focus on response, recovery, and resilience, and to educate and evoke behavioural changes in tackling security threats.   Case studies Just some of those stepping away from their stands to take to the conference theatres and share best practice techniques, unique views, ideas, and real-world case studies are:  Unilever and ThinkCyber will explore the theory and real-world application of the nudge theory Forget traditional security awareness – your people already have Unilever and ThinkCyber (creators of Redflags®), who will be joining forces to share their thoughts on the future of security awareness and explore the theory and real-world application of behavioural models and nudge theory, including a uniquely real-time approach, to security awareness to help people precisely at the point of risk. Their talk “Forget traditional security awareness – your people already have”, will take place at 16.45, Monday 20th June in the Strategy Talks theatre.   War stories from the trenches On Tuesday 20 June and Wednesday 21 June from 11.00-11.30 and from 15.00-15.30, Senior Incident Response Lead Jorge de Almeida Pinto, Semperis, will share real-life “War stories from the trenches’ around how he has helped organisations stop potentially business-crippling in-progress identity system attacks. In addition, Jorge de Almeida Pinto will present a real-life Active Directory attack incident and recovery scenario during his Strategy Talk on Thursday 22 June from 10.00-10.25: Attendees will learn why an Active Directory Recovery Plan is a vital resource for ongoing operational resilience, various options for such a plan, and important consideration during the planning process.  Strategy Talk Illumio will showcase the impact of breach containment and how organisations can reduce risk Illumio will showcase the impact of breach containment and how organisations can reduce risk, stop ransomware and breaches from spreading, and maximise ROI from their security investments by implementing a breach containment strategy.  Illumio’s Head of Industry Solutions, Raghu Nandakumara and Bishop Fox, will present a Strategy Talk at 11:30 am on the 22nd of June on why every pound spent must have a measurable impact towards resilience.   Increase in AI use On Wednesday 21st in the Technology Showcase at 16:00, Andy Syrewicze, Security Evangelist with Hornetsecurity, will discuss what the increase in AI use means for the industry, covering: Why AI-Driven Attacks Aren’t Infallible, how blue teams can leverage AI for defence and training and how security vendors can bring increased value with AI ChatGPT and AI.  Visitors can also relax and have a coffee in the VIP lounge on their stand, N40, or test their skills in their games and cybersec-quiz and be in with the chance to win a JBL BT-loudspeaker.  Collaboration and education opportunities Practitioners come together to share their knowledge to find solutions to an ever-evolving threat landscape" Nicole Mills, Exhibition Director at Infosecurity Group, says, “Infosecurity Europe attracts businesses of all shapes and sizes, whether start-ups or cybersecurity giants, each with invaluable tips, tricks, and tools of the trade that they are looking to share with likeminded industry professionals." "The event provides an opportunity for collaboration and education, as practitioners come together to share their knowledge as businesses look to find solutions to an ever-evolving threat landscape." Live demos  "This year brings with it opportunities to see, hear and learn from a hugely diverse mix of companies and speakers, with some equally diverse solutions to the challenges we face.”  There will be a myriad of live demos and opportunities to get hands-on with the latest product releases, software launches, and fun interactive experiences.  Security Workshop CYE will be presenting a Security Workshop - Gallery Room 7 on Tuesday, 20th Jun, from 14:00 - 15:30. The attendees will learn reconnaissance, and fuzzing techniques, discover how to uncover existing APIs and test them for vulnerabilities and learn useful resources to improve their API pen-testing knowledge and skills.  IT security offerings Experience live demos of Jamf's innovative solutions and is offering a fun and interactive wacky sack-style game Jamf, the pioneer in managing and securing Apple at work, is excited to showcase its latest IT security offerings. Visitors to the Jamf stand at F55 will also have the opportunity to experience live demos of Jamf's innovative solutions and is offering a fun and interactive wacky sack-style game where visitors must throw a hanky sack into the correct hole based on the information provided about Trusted Access, which is sure to attract delegates to the stand.   Air-gap technology solution Salvador Technologies will present on stand F75, their innovative solution designed for critical infrastructures and manufacturing, based on an air-gap technology to enable recovery from cyber-attacks in as little as 30 seconds!   Netskope, sponsors of Infosecurity Europe’s VIP Leaders Lounge programme, will have a ‘Grab a grand to Getaway’ - a crystal maze style token ‘cash’ grabbing game on stand Z60, plus many other goodies along with VIP passes for key partners and businesses.  DigitalXRAID's gamified workshop DigitalXRAID will be running a range of interactive activities and live demos on its stand M50 Centered around the theme ‘don’t let the bad guys win,’ DigitalXRAID will be running a range of interactive activities and live demos on its stand M50, with experts on hand to answer questions attendees have about their security posture and roadmap.  DigitalXRAID is also running a gamified workshop to test guest attendees and industry experts on their approach to risk management.  Three days of learning, discovery, and insights As well as uncovering if organisations are playing ‘the wrong game’ of risk when it comes to cybersecurity, the workshop will cover topics front-of-mind for business and security leaders, including how to get buy-in from the board for security programs and how a proactive strategy can reduce business costs and deliver ROI.   Alongside a host of innovative exhibitors on the show floor,  the Conference programme features seven theatres, delivering 192 sessions, giving visitors access to three days of learning, discovery, and insights all under one roof.