Latest News

Semperis Launches Delegation Manager to Reduce Risky Identity System Account Permissions Frequently Exploited by Cyberattackers

Semperis, a pioneer in identity-driven cyber resilience, today announced the release of Delegation Manager, an Active Directory (AD) rights management solution that allows granular control of permissions to specific groups, saving time for IT teams tasked with access control while closing security gaps that cyberattackers routinely exploit.

“Delegation Manager helps IT and security teams guard against permission sprawl that is a persistent security problem for many organizations because excessive privileges are granted out of convenience,” said Darren Mar-Elia, Semperis VP of Products. “Cyberattackers routinely target vulnerabilities left by misconfigurations related to access-control lists (ACLs) and remediating these security gaps is time-consuming and error-prone. Delegation Manager makes it faster and easier for teams to selectively grant permissions only to the groups that need them, improving overall security posture and reducing the risk of ACL-based attacks.”

CISA cites various forms of risky access rights in its list of top AD misconfigurations that lead to cyberattacks, including bypass of system access controls, improper separation of user and administrative privileges, and insufficient ACLs on network shares and services. Delegation Manager provides a layer of role-based access control on AD that helps organizations easily implement a secure delegation model to simplify policy management, access management, and security automation, including:

• Creating and managing policies to securely delegate administrative privileges
• Monitoring user-initiated directory security changes
• Reinforcing policy compliance through seamless directory reapplication
• Controlling access rights with a built-in policy wizard
• Seamlessly importing preconfigured delegation permissions
• Seeing a clear visualization of policy application
• Quickly identifying users with directory permissions

“Many organizations struggle to implement a solid AD delegation model, which can lead to security vulnerabilities, operational inefficiencies, and difficulties in user access management,” said Semperis CEO Mickey Bresman. “IT teams need to be able to respond quickly to user access needs without granting excessive privileges that cyberattackers can abuse. Delegation Manager automates delegation rights management so IT teams can move faster while reducing cyberattack risk across the identity system.”

Delegation Manager builds on Semperis’ identity resilience platform, which provides comprehensive threat prevention, detection, and response solutions before, during, and after an identity-related cyberattack. For more information about Delegation Manager, visit [link to product page].

About Semperis

Semperis protects critical enterprise identity services for security teams charged with defending hybrid and multi-cloud environments from cyberattacks, data breaches, and operational errors. Purpose-built for securing hybrid identity environments—including Active Directory, Entra ID, and Okta—Semperis’ patented technology protects 100+ million identities across government agencies and the world’s leading enterprises.

As part of its mission to be a force for good, Semperis offers a variety of cyber community resources, including the award-winning Hybrid Identity Protection (HIP) Conference, HIP Podcast, and free identity security tools Purple Knight and Forest Druid. Semperis is a privately owned, international company headquartered in Hoboken, New Jersey, with customers in more than 40 countries.