Mickey is a co-founder of Semperis and leads the company’s overall strategic vision and implementation. A long-time enterprise software expert, Mickey began his technical career in the Navy computing technical unit over a decade ago. Prior to co-founding Semperis, Mickey was the CTO of a Microsoft gold partner integration company, YouCC Technologies, successfully growing the company’s overall performance year over year. Mickey holds a BA in Technical Management and a Minor in Electronic Engineering.
Recorded: Feb 25 2020 | 5 mins
The year 2020 and the health crisis upended our standards. New ways of working and producing have multiplied the opportunities to destabilize companies. The number and impact of cyberattacks have exploded, notably in France, with a 255% increase in ransomware compared with 2019. One thing most of these attacks have in common: the Active Directory directory, which was either the target or the propagation vector.
Matthieu Trivier, Solutions Architect at Semperis, invites you to a session presenting a recap of cyberattacks in France, along with ways to improve the security of your Active Directory before, during and after a cyberattack.
As cyberattacks proliferate, many organizations are investing resources in plugging holes in their security strategy. But one common attack entry point—also used in the SolarWinds breach—is consistently overlooked: Active Directory. According to results from a new security assessment tool that evaluates security weaknesses in Active Directory configurations, even large organizations with extensive resources are seeing average scores of 58%—a failing grade.
Where are companies failing in securing Active Directory—and how can you strengthen your AD defenses? Join Microsoft identity experts Darren Mar-Elia and Ran Harel as they walk through the most common weak spots in Active Directory configurations—and how to fix them.
You’ll come away from this session with a practical checklist of AD vulnerabilities to watch for in your environment, including:
- Password policies that are inadequate for modern account protection
- Accounts with elevated privileges in place that haven’t been adequately reviewed
- Delegated permissions over Active Directory that have proliferated over time, with unwanted consequences for AD security
- Weaknesses in Kerberos usage that are increasingly being exploited to gain privileged access
- Weak Group Policy configuration, which creates a variety of holes that attackers can drive through
Disaster Recovery (DR) strategies have traditionally focused on natural disasters, then expanded into other physical events such as terrorism. Today, cyber weaponization is everywhere, and the "extinction event" is a genuine threat with no respect for geographic boundaries.
Join us on April 27 for a live webinar co-hosted by Semperis and [PARTNER] about how to quickly recover critical business operations following a ransomware attack. Working in tandem with Dell PowerProtect, Semperis focuses on an often neglected but essential part of the BCDR story: Active Directory recovery.
Presented by 15-time Microsoft MVP and identity security expert Sean Deuby (Semperis Director of Client Services), this session will cover:
• Recent cyberattacks that have targeted Active Directory, which is the primary source of identity and access trust for 90% of enterprises
• Why AD is the cyber kill chain’s weakest link – exploited in virtually every modern attack
• New “cyber-first” DR technologies automate recovery of complex systems, facilitate recovery to the cloud, and eliminate the risk of reinfection from system state and bare-metal backups.
Are passwords really dead? Tune in to this lively conversation among some of the leading luminaries of identity and access management as they debate the challenges and solutions of managing access to systems and data in an escalating threat landscape. Moderated by Semperis Chief Architect Gil Kirkpatrick, "The Future of Identity" includes perspectives from John Craddock, Pam Dingle, Ulf Simon-Weidner, Guido Grillenmeier, and Ben Cauwel.
Listen as these experienced identity management experts discuss the current challenges with cloud security.
Ben Cauwel | Security Delivery Manager at Accenture Security
What are you supposed to do when you are called at 4 PM by a global company that is under attack and for whom you have never worked? How far did the attacker go, and is he still there? What monitoring tools are in place, do they have a DRP plan, are the backups safe? I would like to discuss how we leveraged our partners and tools to offer a secure approach including DRP + full remediation.
Is cloud security an oxymoron? In this panel session, featured in the inaugural HIP Europe 2021, moderators Sean Deuby and Guido Grillenmeier discuss the current state of cloud security with panelists Tony Redmond, Jan De Clercq, and Jorge de Almeida Pinto. This lively conversation covers the evolution of enterprise trust in cloud security: Cloud providers Microsoft, AWS, and Google deliver compelling platforms that are gradually winning the hearts and minds of enterprise customers, but recent successful breaches of cloud services by threat actors have started to erode that trust.
John Craddock | IT Infrastructure and Security Analyst at XTSeminars
In this keynote, John Craddock will introduce you to the future of Identity with Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). Today, users have their identity distributed, outside of their control, across many Identity Providers (IdPs). Users are constantly being asked to prove who they are to multiple services; some proofing can be arduous and time-consuming. How would it be if you owned your identity without dependence on IdPs and only needed to prove who you are once and use that proof as often as necessary? Come and understand the possibilities with DIDs and VCs. Microsoft has a Verifiable Claims service running in Azure AD, and you can test out your ideas and concepts.
Ulf Simon-Weidner | Solution Manager Microsoft 365 at Computacenter
Nowadays everything is about cloud – however, the key to the cloud and your users' data is the identity of your users. These identities are in most cases synced from on-premises, or they are even authenticating against on-premises services. In this session Ulf – who delivered deep-level sessions about Active Directory Recovery and Delegations for many years – talks about the challenges to secure and, in the worst case, to recover identities across multiple instances: on-premises as well as in multiple instances in your enterprise's cloud services.
Holger Zimmermann | Technical Specialist at Microsoft
Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. See a ‘life hack’ (brute-force attack → overpass-the-hash attack → pass-the-ticket → domain dominance) and learn how to identify & investigate Lateral Movement and how to de-risk LMPs using Microsoft Defender for Identity.
The objective of this session is to show you by example and demos how you can implement the principles of the Zero Trust model within a Microsoft hybrid cloud infrastructure. During these 60 minutes, you will learn about Zero Trust fundamentals and why, beyond the concepts, it is important today to protect Identities and assets by turning intentions into reality.
You will discover the Microsoft security stack with Azure AD, Control & Conditional Access Management features and Microsoft 365 Defender suite. At the end of this session you will leave with a ton of best practices to drive your Zero Trust implementation and secure your hybrid infrastructure.
In a post on Medium in 2017, security researchers showed how users from the DNSAdmins group could use a feature abuse in the Microsoft DNS management protocol to make the DNS service load any DLL. This service runs on Domain Controllers as NT Authority\System, allowing DNSAdmins to escalate privileges to SYSTEM on the DC (with permissions at least equal to Domain Admins). This “cute trick,” as the original researcher, Shay Ber, called it, can be useful for Red Teams exploring AD privilege escalation and is a potential backdoor for attackers into the domain controller. In this presentation, I’ll expand on Shay Ber’s research by showing how to overcome a problem with the previous technique and how to make it more stealthy. I’ll also review the required permissions to show that an adversary could use this tactic to leave a backdoor to the DC that likely would not be noticed and might bypass some tools.
Tony Redmond | Owner and Principal at Tony Redmond & Associates
Now generating more than $60 billion in annual revenues, Microsoft’s cloud services are more wildly successful than anyone anticipated when Microsoft launched Office 365 in June 2011. In this session, we look at the economics, software engineering, ecosystem, and landscape of Microsoft 365 with special attention on the Office 365 workloads. We’ll discuss the reliability and security of Office 365 and the numbers driving Microsoft strategy.
Jan De Clercq | Sr Security Architect at Hewlett Packard Enterprise
Cloud security is evolving from a purely cloud infrastructure-focused to a more cloud experience-focused discipline. It is about securing the cloud experience independently of where services are living: on-prem, in a shared datacenter or on the infrastructure of a cloud service provider. Spanning this heterogeneous infrastructure space and providing a simple and unified hybrid security management engine is one of the key challenges. Building this abstraction layer for security management only becomes more important with the recent focus on cloud-native applications and the shift towards serverless and cloudless infrastructures. In this session we will sketch the current cloud security landscape, describe what HPE Pointnext Services thinks it is evolving to and what challenges this will create for organizations.
Jorge De Almeida Pinto | Lead Identity/Security Consultant at IAMTEC
Active Directory (AD) has been around for about 2 decades, and many organizations started using it as soon as it became available, some even earlier. Especially large orgs have Identity Management systems to manage the lifecycle of identities somehow (user accounts, service accounts, computer accounts, other account purposes). AD has evolved and with every new release of the OS, it became more secure. However, that does not mean you are automatically using all of the most secure account settings. It also does not mean you automatically stopped using the least secure account settings. What about passwords? Are your users using weak or compromised passwords, and how do you know? Do users own multiple accounts and are they sharing passwords across accounts they own, and how do you know? Weak settings and passwords (i.e. bad account hygiene) are what the bad guys need to take over your systems, accounts and ultimately your AD through e.g. "lateral movement". Even with large orgs and/or well-managed ADs, you'll be surprised by what you will see when you dig in. Although the best option is to go passwordless, or at least decrease password usage, that may not be a viable option for all orgs. So what can you do about all of this? Please join me in this session where I will explain what can be done from a technical and process perspective.
The world of cybersecurity is constantly evolving. A few years ago, Microsoft wasn't even considered a security vendor. Today, however, they are one of the top-tier solution providers in the world. Based on his experience running a SOC, Alex will shed light on what it means to do so on top of Microsoft's solutions. You'll get to see the good, the bad, and also some of the ugly sides, illustrated by some cases he saw in the past.
As cyber-attacks increasingly target Active Directory as an initial entry point, the role of AD engineers and architects is rapidly expanding to include security responsibilities. At the same time that AD engineers must secure access to cloud applications, they must also guard against attackers that take advantage of AD configuration errors and Windows vulnerabilities, target user credentials, and try to maintain persistence in on-premises systems. CISOs and other technology leaders are recognizing the need to facilitate cooperation between security and identity teams to ensure secure user access in the age of cloud computing and an increasingly remote workforce. And AD experts should expect to take a more active role in security discussions.
What you'll learn in this session:
- How recent cyberattacks are using Active Directory's weak points to gain access to information systems
- How to stay up-to-date with identity-related security risks
- How to initiate discussions with security leaders and the C suite to ensure that protecting Active Directory is a core part of the company's overall security strategy
Are passwords dead? In this session, Sean Deuby and Doug Davis (Semperis, Senior Product Manager) discuss Microsoft's recent announcements at Ignite about passwordless authentication, a new concept called Temporary Access Pass, increased integration of Hello for Business provisioning, and other initiatives Microsoft is pursuing to shore up security of its products in the wake of proliferating cyberattacks that target authentication services.
The adoption of cloud-based applications and remote workforces is rapidly changing the threat landscape, and security leaders have been preparing. But no one could have predicted a global pandemic to dramatically accelerate digital transformation and force businesses to adapt literally overnight. In this time of exceptional turbulence, it's even more critical to come together as a community of peers and exchange ideas.
Join this conversation with our panel of security experts as they challenge yesteryear's best practices and push towards a safer tomorrow.
You'll hear from industry CISOs, each bringing unique perspectives, challenges, and solutions to the table. The panel includes:
Limor Kessem | CISO, CISM
James Azar | CISO, Confidential
Evan Francen | CEO and co-Founder, FRSecure
Chris Roberts | Hacker in Residence at Semperis
Pamela Dingle | Director of Identity Standards at Microsoft
Pamela Dingle, Microsoft Director of Identity Standards and founding member of Women in Identity, joins Sean for an overview of why identity standards are so important, why you should care, and what we’ll be seeing in the future.
Host: Sean Deuby @shorinsean
Guest: Pamela Dingle - Director of Identity Standards, Microsoft @pamelarosiedee
Scott Breece, Community Health Systems CISO and Gil Kirkpatrick, Semperis Chief Architect
No one can ignore the sharp uptick of hospitals victimized by ransomware. And in healthcare, the stakes are higher. Just last month, a 78-year-old patient at University Hospital Düsseldorf died after a ransomware attack crippled the hospital's IT systems and forced doctors to attempt to transfer her to another facility. It's clear just how physically dangerous cyberattacks can be, but there are no signs of attackers slowing down. Healthcare organizations, both large and small, are in the crosshairs because human collateral pays. All it takes is a user clicking on the wrong link to kick off a deadly campaign. So, what action can defenders take to avoid becoming a victim of ransomware?
The Identity Defined Security Alliance (IDSA) provides the framework and practical guidance that helps organizations put identity at the center of their IT security strategy. In this fireside chat, Scott Breece, IDSA Advisory Board Member, and CISO at Community Health Systems, joins Gil Kirkpatrick, Chief Architect at Semperis, for a candid debate about yesteryear's best practices and how to push towards a safer tomorrow. Topics of conversation include the NIST Cybersecurity Framework, managing multiple identity systems in healthcare IT environments, and of course, ransomware.
Semperis is the pioneer of identity-driven cyber resilience for cross-cloud and hybrid environments. The company provides cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services—the keys to the kingdom. Semperis’ patented technology for Microsoft Active Directory protects over 40 million identities from cyberattacks, data breaches, and operational errors. Semperis is headquartered in New York City and operates internationally, with its research and development team distributed between San Francisco and Tel Aviv.
Semperis hosts the award-winning Hybrid Identity Protection conference. The company has received the highest level of industry accolades; most recently being named Best Business Continuity / Disaster Recovery Solution by SC Magazine’s 2020 Trust Awards. Semperis is accredited by Microsoft and recognized by Gartner.