New capability brings continuous on-premises Active Directory assessment into the same platform that already covers systems, networks, web, cloud, and API security - replacing point-in-time audits with continuous visibility
STOCKHOLM, June 09, 2026 (GLOBE NEWSWIRE) -- Holm Security today expanded its exposure and vulnerability management platform with Active Directory Security, a new capability that continuously assesses on-premises Active Directory for the misconfigurations cybercriminals use to escalate privileges and move laterally.
Identity remains a common path into business data. According to the Verizon 2025 Data Breach Investigations Report, 22% of breaches begin with stolen credentials. For most organizations, that starts with Active Directory - still the backbone of corporate identity. Yet hardening Active Directory is often left to specialized standalone tools, manual scripts, or point-in-time audits.
How Holm Security protects identity
Holm Security's Active Directory coverage spans 187 individual checks across nine MITRE ATT&CK tactics. The checks address the techniques cybercriminals most commonly use:
- Credential Access - Kerberos abuse, credential dumping, password exposure
- Privilege Escalation - delegation abuse, ACL manipulation
- Persistence - AdminSDHolder modification, GPO tampering
- Lateral Movement - pass-the-hash, exploitation of legacy services
"Identity has become the primary path into organizations, and most of that path still runs through on-premises Active Directory," said Mihail Lupan, Head of Security Research at Holm Security. "But Active Directory has been left behind by the vulnerability management category. Security teams either rely on point-in-time audits or buy a specialized standalone product. Neither is the right answer for an attack surface that changes every day. The Holm Security platform treats it like every other layer of exposure: continuously assessed, prioritized by risk, and ready to act on."
The launch comes as European organizations face mounting pressure to demonstrate exposure management maturity under directives including NIS2 and DORA. Holm Security, recently recognized with the Cybersecurity Made in Europe label by the European Cyber Security Organisation (ECSO) and the Software Hosted in Europe label by the European DIGITAL SME Alliance, builds and operates the platform on European infrastructure.
Active Directory Security is available to all Holm Security customers today.
About Holm Security
Holm Security is a European leader in vulnerability and exposure management, helping organizations build a systematic, risk-based, and proactive cyber defense. As the threat landscape grows in complexity and regulatory pressure intensifies across Europe, Holm Security gives security teams the visibility and control they need to reduce risk by managing exposure effectively. Built and operated on European infrastructure, Holm Security's platform combines deep vulnerability management with built-in attack surface management, delivering both security excellence and the data sovereignty that organizations increasingly demand. Learn more at holmsecurity.com.
For Press Inquiries: marketing@holmsecurity.com
