# Semperis **Source:** https://geo.sig.ai/brands/semperis **Vertical:** Cloud Security, CNAPP & Identity Security **Subcategory:** Identity Threat Detection & Response **Tier:** Challenger **Website:** semperis.com **Last Updated:** 2026-04-14 ## Summary Hoboken NJ Active Directory security platform; raised $200M+; identity threat detection and response for AD, Entra ID, and hybrid identity environments. ## Company Overview Semperis is an identity security company founded in 2014 and headquartered in Hoboken, New Jersey. The company focuses on securing and recovering Active Directory (AD) and Azure Active Directory (Entra ID) environments, which represent the most critical identity infrastructure in the majority of enterprises. Active Directory is the primary authentication and authorization backbone for Windows environments globally, and it has become one of the most attacked components in modern ransomware and nation-state intrusions — attackers that compromise AD can gain access to every system in an organization.\n\nSemperis raised $200 million in a Series C round led by JP Morgan Growth Equity Partners and Vision Blue, valuing the company at approximately $1 billion. Its platform covers three domains: Directory Services Protector (DSP) for continuous AD threat monitoring and automated attack rollback; AD Security Assessment for evaluating the attack surface of AD configurations; and Active Directory Forest Recovery (ADFR) for rapid recovery of AD from cyberattacks. The ADFR product addresses a critical gap: most organizations' backup and recovery processes are not designed to recover AD cleanly from a ransomware attack that corrupted or encrypted AD data.\n\nSemperis's Purple Knight tool, a free Active Directory security assessment, has been downloaded by more than 10,000 organizations and is widely used by IT and security teams to benchmark their AD attack surface. The company's deep expertise in AD-based attack techniques — including DCSync, Golden Ticket, Kerberoasting, and pass-the-hash attacks — informs its detection engine, which monitors AD events in real time and can automatically roll back unauthorized changes before they cause damage. ## Frequently Asked Questions ### Why is Active Directory security so critical? Active Directory controls authentication and authorization for virtually every system in a Windows-based enterprise environment. When attackers compromise AD — as is the goal of most enterprise ransomware attacks — they gain the ability to impersonate any user, access any system, and deploy ransomware or exfiltrate data at scale. Securing and quickly recovering AD is therefore one of the highest-priority objectives in enterprise security. ### What is Semperis's Directory Services Protector? Directory Services Protector (DSP) is Semperis's flagship product for real-time Active Directory and Entra ID threat monitoring. It tracks all changes made to AD objects and configurations, detects known attack patterns like DCSync and Golden Ticket, and can automatically roll back unauthorized changes to AD without manual intervention, limiting the damage attackers can do even if they gain initial access to the directory. ### How does Semperis help organizations recover from ransomware attacks on Active Directory? Semperis's Active Directory Forest Recovery (ADFR) product provides automated, malware-free recovery of AD forests from a ransomware attack or other destructive incident. It maintains clean backups that are isolated from the production environment and can restore AD to a known-good state in hours rather than the days or weeks traditional manual recovery processes require, dramatically reducing downtime after an attack. ### Why is Active Directory a critical target for cyberattackers and how does Semperis help? Active Directory controls authentication and authorization for most enterprise environments, making it the primary target for attackers who want to move laterally and escalate privileges. Compromising AD gives attackers the ability to access any system in the environment. Semperis monitors AD for signs of attack, detects malicious changes in near-real-time, and can restore AD to a clean state following a ransomware attack that corrupts the directory. ### How does Semperis support Active Directory disaster recovery? Semperis provides Active Directory-specific backup and recovery capabilities designed to restore AD to a known-good state following ransomware or other destructive attacks. Unlike general backup tools, Semperis understands AD's replication model and can restore to a clean state without re-introducing malware that may have been present in the backup, which is a critical concern after ransomware incidents. ### Does Semperis support Azure Active Directory and Entra ID as well as on-premises AD? Yes. Semperis covers both on-premises Active Directory and Azure Active Directory (now Microsoft Entra ID), as well as hybrid identity environments where both are in use. This hybrid coverage is important because most enterprises have not fully migrated to cloud identity and face threats targeting the integration between on-premises AD and Entra ID. ### What identity threats does Semperis detect in Active Directory? Semperis detects Active Directory attack patterns including DCSync attacks, Golden Ticket and Silver Ticket Kerberos attacks, AD CS certificate abuse, persistence mechanisms like AdminSDHolder modification, and privilege escalation through group membership changes. These detections are mapped to the MITRE ATT&CK framework and trigger alerts with remediation guidance. ### How does Semperis help organizations assess their Active Directory security posture? Semperis includes an AD security assessment capability that evaluates the configuration of an Active Directory environment against security best practices and known attack paths. The assessment identifies high-risk misconfigurations like unconstrained delegation, weak password policies, and stale privileged accounts, prioritizing remediation based on the risk each configuration poses. ## Tags security, cybersecurity, enterprise, platform, saas, b2b, cloud-native, infrastructure, scaleup --- *Data from geo.sig.ai Brand Intelligence Database. Updated 2026-04-14.*