Semperis announced it on Tuesday raised over $200 million in a Series C funding to accelerate hiring across all functions to support the company’s growing customer base, with a focus on its identity-focused incident response team. The move put Semperis in unicorn territory, though it doesn’t disclose a specific valuation.
The company also plans to devote a significant portion of the new funding to research and development to drive innovation in the identity systems defense market, focusing on its Directory Services Protector platform.
Gartner, which classifies the product as an Identity Threat Detection and Response (ITDR) solution, has included the ITDR category in its top cybersecurity trends for 2022, noting that misuse of credentials is the primary method used by attackers to gain access to systems and achieve their goals. Much of what Directory Services Protector does focuses on defense and incident response for Active Directory environments.
“With [our] layered identity protection, organizations can fend off cyberattacks without having to choose between two bad options: pay the criminals or get shut down,” said Mickey Bresmen, co-founder and CEO of Semperis.
It’s great to see Semperis gaining ground in securing Active Directory, as AD is a prime target for attackers who can use account access to exfiltrate sensitive data and can exploit privileged accounts – literally the keys to the kingdom – to manipulate critical IT infrastructure, said Jack Poller, senior analyst at Enterprise Strategy Group. Poller said recent research from ESG found that 45% of organizations experienced a breach or attack due to identity-related threats and 36% were breached due to permission-related threats.
“Equally important, AD sits at the center of IT – without AD, many applications can’t run, users can’t log in, and an attacker removing AD can cripple or destroy the business,” Poller said. . “Unfortunately, Microsoft’s recommendation to recover AD after a disaster or attack is a time-consuming, expensive, and error-prone manual process. Thus, identity security and AD protection has become a primary directive of the cybersecurity team, and Semperis’ ability to detect and prevent unique attacks targeting AD is becoming increasingly important, as is the [company’s] ability to automate and speed up the AD recovery process.
Frank Dickson, who covers security and trust at IDC, added that our awareness and approach to ransomware and ransomware-like attacks has matured. Dickson said attacks today take a five-step approach, including: initial compromise, lateral movement, privilege escalation, data exfiltration, and then encryption.
“Encrypting our critical data is, frankly, the last and least interesting phase of the attack,” Dickson said. “The most interesting and fundamental component of attack success centers around identity, particularly the directory. As a result, we are seeing traditional vendors like CrowdStrike and Qualys investing in identity offerings. to address cybersecurity use cases on behalf of XDR. Obviously, start-ups like Semperis are also looking to capitalize on market needs.”