Community Tool for AD Security Assessment

Close Active Directory and Azure AD Security Gaps

Find and fix security vulnerabilities in AD and Azure AD with Purple Knight, a free AD security vulnerability assessment that helps you uncover hundreds of AD indicators of exposure (IOEs) and compromise (IOCs). Quickly conduct a security assessment of AD—involved in 9 out of 10 cyberattacks.

Find your AD security gaps before attackers do

Purple Knight is an Active Directory security assessment tool used by thousands of organizations to quickly identify vulnerabilities in hybrid AD environments and receive prioritized, expert remediation guidance. With access to Active Directory or Azure AD, threat actors can gain dominance over your entire infrastructure.

Purple Knight scans your on-premises Active Directory and Azure Active Directory environment and generates a security score based on security indicators across seven categories.

  • AD and Azure AD security scorecard
  • 150+ security indicators
  • Updates by security experts
  • Prioritized, actionable guidance
  • MITRE ATT&CK correlation

Reduce cyberattack risk: Download the #1 AD security assessment tool

Active Directory is the prime target for cyberattackers because AD is the core identity store for 90% of enterprise organizations worldwide and because legacy AD environments have misconfigurations that accumulate over time. Once cyber criminals gain access to AD, they can seize control of the entire environment.

Hybrid AD environments are tricky to secure, as attacks can start in Azure AD and move to on-prem AD, or vice versa—as in the SolarWinds attack. Purple Knight scans the hybrid AD environment for IOEs and IOCs, provides an Active Directory and Azure AD vulnerability assessment, and offers expert, prioritized remediation guidance.

Download Purple Knight
Mandiant researchers report
of cyberattacks involve Active Directory
Pen testers report
of their attempted AD exploits are successful
Enterprise Management Associates:
of attacks on organizations’ AD environments are successful
According to Gartner
of organizations use no AD defense whatsoever

See Purple Knight in action

Darren Mar-Elia, Semperis VP of Product, demonstrates how you can use Purple Knight, a free Active Directory security assessment tool, to scan your environment for hundreds of IOEs and IOCs. See your overall security posture score and receive prioritized remediation guidance from AD security experts.

Learn More

I recommend Purple Knight for its ease of use—it’s GUI-based, it gives you a quick report card, and gives you a good, easy checklist of things to start working on.

Learn more Jim Shakespear Director of IT Security, Southern Utah University

Purple Knight is a powerful tool with a nicely packaged set of scripts that does a fantastic job of showing you some of the hidden aspects of your AD that are just waiting to be discovered by the wrong person.

Learn more Patrick Emerick Senior Systems Engineer, Bethel School District

The Purple Knight report helped us take action on items right away, such as shutting down or disabling Active Directory accounts that shouldn’t have been enabled. And then it helped us develop a long-term maintenance plan.

Learn more Kevin Dreyer CISO, Maple Reinders

Purple Knight is the first utility I’ve used that digs this deep into Active Directory. It works so well, I didn’t need to find anything else.

Learn more Micah Clark IT Manager, Central Utah Emergency Communications

More resources

Learn more about how to find and fix your AD and Azure AD security vulnerabilities.

Ready to find and fix your AD security vulnerabilities?

Start closing security gaps in your Active Directory and Azure AD today.