French startup Alsid has raised a $14.7 million funding round (€13 million). The company is working on a security solution to protect your Microsoft Active Directory installation and make sure a hacker can’t access your system.
Idinvest Partners is leading today’s round. Existing investors 360 Capital Partners and Axeleo Capital are also participating.
If you have a corporate laptop or if you access files on your corporate network, chances are your company uses Active Directory. Most companies uses this directory service to manage users and their access rights. Whenever you enter your login and password on your corporate laptop, macOS or Windows check the Active Directory to see if you have the rights to use this laptop and various corporate services.
Big companies have a hard time managing this directory. They acquire other companies, merge directories and don’t realize that some users end up with very generous access rights. Hackers take advantage of that.
There are some solutions to scan your directory and fix vulnerabilities, but they require admin access. They create a risk as much as a solution. Alsid has a completely different approach.
“We operate like an employee working remotely. Our system asks a lot of questions to the directory and detects issues,” co-founder and CEO Emmanuel Gras told me in 2017. The company creates a normal user account, connects to your corporate network with a VPN and uses Microsoft’s API to attack your own Active Directory.
Alsid then generates reports with detailed steps to protect a directory. And, of course, the company tries to monitor the directory as often as possible. You can deploy Alsid locally or in the cloud.
The company uses a software-as-a-service approach and currently monitors 3 million Active Directory users. Many big companies already use the service, such as Groupe Accor, Orange, Sanofi and Unibail-Roadmco-Westfield.