Latest News

Semperis and Trellix Partner to Accelerate Cyber Breach Containment

Joint solution combines unprecedented visibility into the identity system with comprehensive extended detection and response (XDR), significantly reducing time to detect and contain attacks involving Active Directory (AD) and Entra ID.

Semperis, a pioneer in identity-driven cyber resilience, today announced a joint offering with Trellix, whose XDR platform is used by 40,000 organisations, including 80 percent of the Fortune 100, providing unmatched visibility into identity system breaches with extended detection and response (XDR) to accelerate attack detection and containment of identity-based attacks.

The Semperis-Trellix partnership combines AI-driven threat detection and response from the Trellix XDR Platform with hybrid Active Directory and Entra ID ML-based monitoring and change tracking from Semperis Directory Services Protector (DSP) to identify and address attacks that start with device compromise and move laterally through privilege escalation to the identity system—the common target in 90 percent of cyberattacks. The joint solution saves time in detecting, isolating, and containing attacks, which today takes an average of 287 days, according to IBM research.

Semperis DSP adds rich, contextual identity security data to the Trellix XDR platform, providing organisations with actionable recommendations based on identity system forensics to uncover which accounts were compromised, see adversary-made modifications to group and user permissions, and auto-remediate malicious changes.

“When an endpoint such as a workstation is compromised, Trellix’s XDR provides critical information about endpoint attacks, including who was logged in when the incident occurred,” said Mickey Bresman, CEO, Semperis. “From that point, Semperis DSP can analyse forensics data of changes made to the identity system, follow the path of activities made by the compromised account, and automatically undo those changes, dramatically reducing response time.”

The combined capabilities of Semperis and Trellix help organisations deal with the persistent problem of threat actors gaining system access by compromising endpoints, moving laterally through the network, and escalating privileges to take control of, and hold for ransom, the entire identity system—the backbone of the organisation’s business operations.

“By combining Trellix’s AI-powered XDR Platform with Semperis DSP’s continuous monitoring, change tracking, and automated remediation for hybrid AD environments, we’re enabling organisations to stop threat actors in their tracks,” said Sean Morton, SVP Strategy and Services, Trellix. “Our partnership with Semperis furthers our mission to secure customers and enable them to proactively prevent and quickly remediate attacks across the ecosystem—from endpoint to the identity system.”
The Semperis-Trellix offering is available through the companies’ extensive partner networks. To learn more, visit

About Semperis
For security teams charged with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing hybrid identity environments—including Active Directory, Entra ID, and Okta—Semperis’ patented technology protects over 100 million identities from cyberattacks, data breaches, and operational errors. The world’s leading organisations trust Semperis to spot directory vulnerabilities, intercept cyberattacks in progress, and quickly recover from ransomware and other data integrity emergencies. Semperis is headquartered in Hoboken, New Jersey, and operates internationally, with its research and development team distributed throughout the United States, Canada, and Israel.
Semperis hosts the award-winning Hybrid Identity Protection conference and podcast series ( and built the community hybrid Active Directory cyber defender tools, Purple Knight ( and Forest Druid. The company has received the highest level of industry accolades, recently named to Inc. Magazine’s list of best workplaces for 2023 and ranked the fastest-growing cybersecurity company in America by the Financial Times. Semperis is a Microsoft Enterprise Cloud Alliance and Co-Sell partner and is a member of the Microsoft Intelligent Security Association (MISA).
Learn more:
Follow us: Blog / LinkedIn / X / Facebook / YouTube