Community Tool for AD Security Assessment

Close Active Directory and Entra ID Security Gaps

Find and fix security vulnerabilities in AD, now Entra ID, and Okta with Purple Knight, a free AD security vulnerability assessment that helps you uncover hundreds of AD indicators of exposure (IOEs) and compromise (IOCs). Quickly conduct a security assessment of AD—involved in 9 out of 10 cyberattacks.

Find your AD security gaps before attackers do

Purple Knight is an Active Directory security assessment tool used by thousands of organizations to quickly identify vulnerabilities in hybrid AD environments and receive prioritized, expert remediation guidance. With access to Active Directory, Entra ID), and Okta threat actors can gain dominance over your entire infrastructure.

Purple Knight scans your on-premises Active Directory, Entra ID, and Okta environment and generates a security score based on security indicators across seven categories.

  • AD, Entra ID, and Okta security scorecard
  • 150+ security indicators
  • Updates by security experts
  • Prioritized, actionable guidance
  • MITRE ATT&CK correlation

Reduce cyberattack risk: Download the #1 AD security assessment tool

Active Directory is the prime target for cyberattackers because AD is the core identity store for 90% of enterprise organizations worldwide and because legacy AD environments have misconfigurations that accumulate over time. Once cyber criminals gain access to AD, they can seize control of the entire environment.

Hybrid AD environments are tricky to secure, as attacks can start in Entra ID and move to on-prem AD, or vice versa—as in the SolarWinds attack. Purple Knight scans the hybrid AD environment for IOEs and IOCs, provides an Active Directory, Entra ID, and Okta vulnerability assessment, and offers expert, prioritized remediation guidance.

Download Purple Knight
Mandiant researchers report:
of cyberattacks involve Active Directory
Microsoft Digital Defense Report:
of customers impacted by incidents had “insecure AD configuration”
Microsoft Digital Defense Report:
1 hour, 42 minutes
the median time for an attacker to begin moving laterally after device compromise
According to Gartner
of organizations use no AD defense whatsoever

See Purple Knight in action

Darren Mar-Elia, Semperis VP of Product, demonstrates how you can use Purple Knight, a free Active Directory security assessment tool, to scan your environment for hundreds of IOEs and IOCs. See your overall security posture score and receive prioritized remediation guidance from AD security experts.

Learn More

Join our star-studded team

I recommend Purple Knight for its ease of use—it’s GUI-based, it gives you a quick report card, and gives you a good, easy checklist of things to start working on.

Learn more Jim Shakespear Director of IT Security, Southern Utah University
School District

Purple Knight is a powerful tool with a nicely packaged set of scripts that does a fantastic job of showing you some of the hidden aspects of your AD that are just waiting to be discovered by the wrong person.

Learn more Patrick Emerick Senior Systems Engineer, Bethel School District

The Purple Knight report helped us take action on items right away, such as shutting down or disabling Active Directory accounts that shouldn’t have been enabled. And then it helped us develop a long-term maintenance plan.

Learn more Kevin Dreyer CISO, Maple Reinders

Purple Knight is the first utility I’ve used that digs this deep into Active Directory. It works so well, I didn’t need to find anything else.

Learn more Micah Clark IT Manager, Central Utah Emergency Communications

More resources

Learn more about how to find and fix your AD, Azure AD, and Okta security vulnerabilities.

Ready to find and fix your AD security vulnerabilities?

Start closing security gaps in your Active Directory, Entra ID, and Okta today.