Latest news with #EntraID
Techday NZ
4 days ago
- Business
- Techday NZ
Quest Software unveils new executives & USD $350m investment
Quest Software has appointed a new executive team to support its expansion priorities in AI readiness, cybersecurity, and platform modernisation. Key executive hires The company has announced the appointments of Ashish Joshi as President and Chief Financial Officer, Maureen Perrelli as Chief Channel Officer, and John Bertero as Senior Vice President and Chief Revenue Officer. These leadership positions have been filled in response to increased demand for artificial intelligence, secure identity management, and updated data platforms in the enterprise sector. Ashish Joshi will oversee Finance, Legal, and Compliance. Joshi previously served as Chief Operating Officer and Chief Financial Officer at Redwood Software and has a background in scaling software-as-a-service enterprises. Maureen Perrelli brings experience from her prior roles at Oracle, GE, Secureworks, NCR, and Brivo, and will now lead Quest Software's global channel strategy. She is responsible for developing the company's partner ecosystem to address the requirements of businesses seeking AI enablement. John Bertero, who has a track record of managing high-performing sales teams, assumes responsibility for all global sales operations with a focus on customer-centric solutions. Investment and strategy These appointments follow a capital investment of USD $350 million intended to accelerate product development around embedded AI capabilities and readiness technologies. This investment supports Quest Software's plans to help enterprises unlock greater value from AI while strengthening its partner network, which focuses on strategic alliances across data, identity, and Microsoft environments, including Active Directory and Entra ID. Tim Page, Chief Executive Officer of Quest Software, commented on the expanded leadership group, stating: "I couldn't be more excited to work with such a high-powered executive team. This team is a competitive advantage and positions Quest to deliver what customers expect - faster decisions, clearer priorities, and market-leading solutions that work out of the box. That means stronger accountability, smarter execution, and a tighter connection between what we build and what our customers need." According to the company, the shifting landscape in enterprise technology is increasing the importance of scalable platform modernisation and trusted providers who can partner with organisations to govern data, secure access, and expand operational capabilities as AI adoption rises. Company direction With the reported uplift in demand for secure and modernised IT infrastructure, Quest Software has indicated that its focus remains on operational excellence, customer value, and readiness to help businesses transition to AI-enabled environments. Tim Page further stated: "This is about execution, accountability, and delivering at scale. With the right team in place and a differentiated platform, we're ready to lead our customers into the future - faster, more securely, and with confidence." Quest Software currently serves more than 45,000 companies worldwide, including over 90% of the Fortune 500, providing solutions related to data management, governance, cybersecurity, and platform modernisation.
Techday NZ
4 days ago
- Business
- Techday NZ
Semperis launches tool to secure AD service accounts
Semperis has introduced a new edition of its Directory Services Protector (DSP), known as Service Account Protection Essential, aimed at improving the security management of Active Directory and Entra ID service accounts. Service accounts, which are non-human identities used by applications to interact with directory services, frequently pose security challenges due to unmanaged proliferation and a tendency to accrue excessive privileges over time. These characteristics make them susceptible to exploitation by cyber attackers. Service Account Protection Essential is designed to provide organisations with an inventory of these accounts and facilitate ongoing monitoring for vulnerabilities based on intelligence from the Semperis research team. The tool can also discover previously unknown or misplaced service accounts, as well as detect stale and misconfigured ones. In addition, it identifies risky configurations, highlights critical exposures, and issues real-time alerts in response to malicious or anomalous activity. Security concerns "Service accounts are pernicious and nearly ungovernable by nature, so organisations struggle to adequately address them in security planning. Think about how many applications are onboarded and retired over the course of an Active Directory's lifespan. Each one of these applications may have several service accounts that connect them to AD. Those service account permissions are a black box, with passwords that are static or stale, but no one dares delete them. They're an obvious target for attackers because of their ungovernable state," said Ran Harel, Semperis AVP of Security Products. The focus on service accounts comes in the wake of high-profile supply chain attacks. Alex Weinert, Semperis Chief Product Officer, drew attention to previous incidents involving compromised service accounts to illustrate their ongoing risk to organisations. "Service accounts are very attractive to attackers. These accounts tend to proliferate in legacy AD applications and acquire excessive privileges over time, making them an obvious target for malicious actors, especially when service accounts are included in privileged cloud roles or groups tied to Microsoft 365. Service Account Protection Essential gives organisations unprecedented visibility into their service account security posture by helping them identify service accounts, create an inventory, and continuously monitor them to reduce the overall attack surface of the hybrid AD environment," said Weinert, former Microsoft VP of Identity Security. Features and dashboard improvements The updated DSP platform offers new capabilities designed to streamline work for security teams managing Active Directory and Entra ID object lists. Security practitioners can now categorise AD and Entra ID objects - including both privileged and service accounts - directly within the tool. This categorisation supports administrative tasks, enables swift policy changes, and helps automate responses to malicious modifications by reverting unauthorised changes as soon as they are detected. The DSP dashboard itself has been enhanced to provide a detailed summary of recent changes within Active Directory, comprehensive records of attack detection events, overall system health indicators, and a risk scoring mechanism. This information is intended to facilitate quick responses to identity threats and help organisations convey the status of their identity security posture internally. With the launch of Service Account Protection Essential, Semperis expands its capabilities for protecting hybrid and multi-cloud identity environments, which now include Active Directory, Entra ID, and other platforms. The new edition is positioned as a way for businesses to address pressing risks associated with unmanaged service accounts and reduce their exposure to identity-based attacks. Follow us on: Share on:
TECHx
29-07-2025
- Business
- TECHx
Check Point Unveils MDR 360° and MXDR 360° Services
Home » Emerging technologies » Cyber Security » Check Point Unveils MDR 360° and MXDR 360° Services Check Point® Software Technologies Ltd., has announced the launch of Check Point MDR 360° and MXDR 360°. The new suite of managed detection and response (MDR) services is designed to streamline security operations and reduce response times. It also enhances visibility across endpoint, identity, cloud, and network environments. These services are part of the Check Point Infinity Global Services portfolio. They reflect the company's focus on delivering vendor-neutral cyber security solutions tailored for modern enterprises. Check Point revealed that MDR 360° and MXDR 360° offer 24/7 protection and expert-led incident response through a fully managed Security Operations Center (SOC). This is especially valuable in today's threat landscape, where organizations face growing risks, compliance demands, and a shortage of skilled professionals. The company emphasized its identity-first approach to threat detection. The new services offer full visibility, real-time monitoring, and misconfiguration detection across Microsoft Active Directory (AD), Entra ID, Okta, and other SSO platforms. This helps detect credential abuse, lateral movement, and privilege escalation early. Check Point reported that the services support a wide range of third-party tools across cloud, endpoint, identity, and SaaS environments. The open garden model allows customers to retain control and optimize existing investments. New integrations with industry leaders such as Amazon, Microsoft, and Wiz enhance the threat response process. For example, Wiz exposure alerts are transformed into prioritized incidents for faster investigation. Key capabilities include:• Vendor-neutral integrations across cloud, endpoint, firewall, and SaaS tools• Built-in identity threat detection for Microsoft AD, Entra ID, and Okta • Enterprise-grade SIEM and data lake support in the MXDR tier Check Point stated that MXDR 360° includes managed SIEM and a data lake, supporting compliance and cost-effective threat analytics. Meanwhile, MDR 360° adds identity-layer protection and expanded integrations, and the base MDR tier focuses on core detection using endpoint agents and APIs. The services come with over 100 expert-led incident response hours annually. These include planning, tabletop exercises, and root cause analysis, helping organizations strengthen their cyber resilience. According to Eitan Lugassi, VP of Infinity Global Services at Check Point, the integration of AI, threat intelligence, and identity protection allows faster, high-confidence responses from the 24/7 SOC. He noted that Check Point supports over 160 integrations to simplify operations and scale cyber defense across hybrid infrastructures. The company added that the services address growing identity-based attacks and support organizations with actionable intelligence and strategic security partnership. Check Point Infinity Global Services continues to deliver end-to-end managed security solutions, serving more than 5,000 organizations worldwide.
Channel Post MEA
29-07-2025
- Business
- Channel Post MEA
Check Point Software Launches Vendor-Neutral Managed Detection & Response Services
Check Point Software Technologies has announced the launch of Check Point MDR 360° and MXDR 360°, a new suite of managed detection and response (MDR) service packages. These offerings simplify security operations, reduce response time, and enhance visibility across endpoint, identity, cloud, and network environments. Part of the Infinity Global Services portfolio, Check Point MDR 360° and MXDR 360° reflect the company's commitment to delivering open garden, vendor-neutral cyber security services tailored to the needs of modern enterprises. As organizations face rising threats, compliance pressures, and a shortage of skilled talent, the services provide 24/7 protection and expert-led incident response through a fully managed SOC. With built-in identity protection, deep integrations, and enterprise-grade data capabilities, they help secure infrastructure and close critical security gaps across complex environments. 'With security teams under pressure, Check Point MDR 360° and MXDR 360° are designed to reduce operational burden with real-time, outcome-driven detection and response that is both flexible and vendor-agnostic,' said Eitan Lugassi, VP Infinity Global Services at Check Point Software Technologies. 'Check Point is unique in terms of our seamless integration of AI, threat intelligence, and identity protection, enabling faster, high-confidence decisions and stronger response actions by our 24/7 SOC and expert IT teams providing proactive services and crisis containment expertise when it matters most. With identity-focused threat detection and an open integration model, we're helping organizations cut through complexity and scale protection across hybrid infrastructures.' As attackers increasingly target users, identity protection has become essential. Check Point delivers full visibility, real-time monitoring, and misconfiguration detection across Microsoft AD, Entra ID, Okta, and other SSO platforms. This enables early detection of credential abuse, lateral movement, and privilege escalation. The new services are designed for interoperability, supporting a broad range of third-party tools across cloud, endpoint, identity, and SaaS environments. This open garden approach allows organizations to optimize existing investments without sacrificing control or visibility. New integrations with partners like Amazon, Microsoft and Wiz and other industry security organisations further enhance response workflows, for example, by transforming Wiz exposure alerts into prioritized incidents for faster investigation. Key Capabilities Include: Vendor-Neutral Integrations: Broad support across cloud, endpoint, firewall, and SaaS tools Broad support across cloud, endpoint, firewall, and SaaS tools Built-In Identity Threat Detection: Native support for Microsoft AD, Entra ID, and Okta, included as a core service Native support for Microsoft AD, Entra ID, and Okta, included as a core service Cost-Effective SIEM & Data Lake (MXDR Tier): Delivers enterprise-grade data management and compliance support while optimizing cost through a co-managed approach — using SIEM for high-value security analytics and Data Lake for cost-efficient data retention, threat hunting, and investigations. Delivers enterprise-grade data management and compliance support while optimizing cost through a co-managed approach — using SIEM for high-value security analytics and Data Lake for cost-efficient data retention, threat hunting, and investigations. Proactive and Reactive Incident Response: Includes 100+ expert-led IR hours annually, spanning crisis management, tabletop exercises, planning, and runbooks meant to help organizations prepare for, respond to, and recover from cyber incidents, with flexible hours leveraged for compromise assessments, root cause analysis, and other tailored support to strengthen cyber resilience. Includes 100+ expert-led IR hours annually, spanning crisis management, tabletop exercises, planning, and runbooks meant to help organizations prepare for, respond to, and recover from cyber incidents, with flexible hours leveraged for compromise assessments, root cause analysis, and other tailored support to strengthen cyber resilience. 24/7 Threat Detection and Response: Unified detection, investigation, and response across the full attack surface driven by alerts to proactively identify threats and escalate to IR when an active attacker is confirmed, enabling faster, higher confidence verdicts and actions across the threat lifecycle, unlike Incident Response which focuses on crisis management during an active breach. Check Point MDR and MXDR 360° are available via three flexible subscription tiers. The MDR tier provides core detection and response using endpoint agents and APIs. MDR 360° adds identity-layer protection, expanded integrations, and access to Infinity XDR/XPR for AI-driven incident enrichment and threat intelligence. MXDR 360° delivers a full-scale solution with managed SIEM and a data lake for compliance and co-managed SOC operations. Check Point Infinity Global Services provides end-to-end managed security solutions used by over 5,000 organizations worldwide. From proactive assessments and threat intelligence to professional services and SOC-as-a-service, the services help customers strengthen their security posture, reduce risk, and drive long-term resilience, supported by real-time AI-driven threat intelligence and a global team of experts. Part of the Infinity Global Services portfolio, MDR 360° and MXDR 360° reflect Check Point's commitment to delivering open garden, vendor-agnostic cyber security services tailored to modern enterprise needs. In today's world of growing cyber threats, compliance demands, and talent shortages, the new services boost security by providing 24/7 protection and expert incident response through a fully managed SOC. They include enriched integrations, identity threat detection, and data lakes, protecting the data plane and infrastructure while adding a crucial new layer focused on identity threat detection. 'With security teams stretched thin, MDR 360° and MXDR 360° are designed to ease the load by delivering real-time, outcome-driven detection and response services that's both flexible and open,' said Eitan Lugassi (Gilad), VP Infinity Global Services at Check Point. 'With native identity threat and attack detection and over 160 integrations, we're helping organizations streamline complexity and scale their cyber security strategy faster.' As attackers increasingly target people over systems, identity protection has become essential. Check Point provides full visibility, real-time monitoring, and misconfiguration detection across platforms like Microsoft AD, Entra ID, and Okta, and other SSO tools. This enables early detection of credential-based attacks, lateral movement, and privilege abuse, helping organizations stay one step ahead. Built for cross-platform functionality, the solution integrates with over 160 third-party tools across cloud, endpoint, identity, and SaaS environments. This open approach enables organizations to maximize existing investments without sacrificing control or visibility. 'Organizations aren't just looking for alerts – they want actionable intelligence and strategic partnership,' Eitan Lugassi (Gilad). 'Our mix of AI-driven detection and human expertise helps organizations respond faster and build long-term resilience.'
Techday NZ
17-07-2025
- Business
- Techday NZ
Windows Server 2025 flaw lets attackers persist in Active Directory
Semperis researchers have identified a design flaw in Windows Server 2025 that could leave managed service accounts vulnerable to undetected attacks. Vulnerability details The flaw, which researchers are calling 'Golden dMSA', affects delegated Managed Service Accounts (dMSAs) within Windows Server 2025. According to Semperis, the vulnerability could allow attackers to achieve persistent, undetected access to these accounts, potentially exposing resources across Active Directory for indefinite periods and enabling cross-domain lateral movement. Researcher Adi Malyanker from Semperis has developed a tool named GoldenDMSA, which incorporates the logic of the attack and enables security professionals to simulate and understand the risks posed by the vulnerability. The tool aims to help defenders evaluate how the technique might be exploited in their own environments. Technical findings The Golden dMSA attack centres on a cryptographic vulnerability in Microsoft's newly introduced security features within Windows Server 2025. The architectural setup of dMSAs is exploited because the ManagedPasswordId structure contains time-based components that are predictable. These components offer only 1,024 possible combinations, making it computationally trivial for attackers to brute-force service account passwords. "Golden dMSA exposes a critical design flaw that could let attackers generate service account passwords and persist undetected in Active Directory environments," said Malyanker. "I built a tool that helps defenders and researchers better understand the mechanism of the attack. Organisations should proactively assess their systems to stay ahead of this emerging threat." This flaw means that threat actors could potentially move laterally across domains and maintain access over time, evading detection by traditional monitoring methods. Industry context The new research on Golden dMSA follows previous identity-related discoveries by Semperis. The company's researchers have also highlighted a vulnerability called nOauth in Microsoft's Entra ID, which is known to enable full account takeover in certain vulnerable SaaS applications with limited attacker interaction. Within the last year, Semperis further developed detection capabilities in its Directory Services Protector platform to defend against BadSuccessor, described as a severe privilege escalation technique that targets a newly introduced feature in Windows Server 2025. The team previously identified Silver SAML, which is a variant of the SolarWinds-era Golden SAML technique. Silver SAML is notable for its ability to bypass standard security defences in applications integrated with Entra ID. Recommendations and implications Semperis is advising organisations using Windows Server 2025 to consider proactively assessing their managed service accounts and other identity infrastructure. By understanding the mechanism of the newly disclosed attack and employing simulation tools such as GoldenDMSA, security and IT teams can evaluate their exposure and consider mitigation strategies. The discovery of Golden dMSA highlights ongoing challenges in identity and account management security, particularly as new features are introduced into widely used enterprise systems like Active Directory. The predictability of password generation mechanisms, as exposed by Malyanker's research, underscores the importance of cryptographic design choices in authentication frameworks. Semperis continues its focus on identity security research and has called on others in the cybersecurity community to stay vigilant as new issues emerge with changes in enterprise software architecture and security models. Follow us on: Share on:
