Enterprise identity protection and cyber resilience startup Semperis Ltd. today announced the release of Lightning Identity Runtime Protection, a new machine learning-powered identity threat detection and response service.

Lightning Identity Runtime Protection uses machine learning models developed by security experts to detect widespread and successful attack patterns, such as password spray, credential stuffing, other brute force attacks and risky anomalies. The first offering on the Semperis Lightning Platform, the new service is designed to bring critical identity context to attack patterns and anomaly detect, hence helping organizations quickly spot and respond to high-risk events.

Lighting IRP seeks to address a persistent problem for cyber defenders: known identity attack patterns such as password spraying continuing to be extremely successful because of the difficulty in detecting and responding to the sheer signal volume and noise. The service was trained on algorithms based on Semperis’ real-world experience in responding to identity attacks in the wild.

The new service detects sophisticated identity attacks that Semperis claims traditional machine learning solutions miss. Lightning IRP allows defenders to focus on the most critical identity attack alerts by reducing noise by layering in an identity risk fabric that draws insights from multiple sources.

Sources tracked by LightIRP include directory change tracking data across hybrid Active Directory and Entra ID environments, hundreds of security indicators of exposure and compromise as regularly updated by Semperis’ identity threat research team, and attack path analysis to map out risky relationships to privileged groups with access to the most sensitive data.

Under the hood, IRP uses a growing threat library of exposures, compromises and attack patterns in parallel with a continuous stream of identity security data to accelerate an effective response to identity system threats.

“Detecting an anomaly is relatively easy,” said Chief Executive Officer Mickey Bresman. “Putting it into context is where the challenge is. We’ve combined deep machine learning expertise with our first-hand knowledge of how real-life identity system attacks work to provide meaningful context that helps organizations isolate and address high-risk threats.”

Semperis is a venture capital-backed startup that last raised $200 million in funding in May 2022. Investors in the company include Kohlberg Kravis Roberts & Co. LP, Ten Eleven Ventures LLC, Paladin Capital Group LLC, Atrium Health Strategic Fund LLC and Tech Pioneers Fund LP.

Photo: Semperis