Community Tool for AD Security Assessment

Close Active Directory and Azure AD Security Gaps

Find and fix security vulnerabilities in AD, Azure AD (now Entra ID), and Okta with Purple Knight, a free AD security vulnerability assessment that helps you uncover hundreds of AD indicators of exposure (IOEs) and compromise (IOCs). Quickly conduct a security assessment of AD—involved in 9 out of 10 cyberattacks.

Download Purple Knight Learn More

Find your AD security gaps before attackers do

Purple Knight is an Active Directory security assessment tool used by thousands of organizations to quickly identify vulnerabilities in hybrid AD environments and receive prioritized, expert remediation guidance. With access to Active Directory, Azure AD (now Entra ID), and Okta threat actors can gain dominance over your entire infrastructure.

Purple Knight scans your on-premises Active Directory, Azure Active Directory, and Okta environment and generates a security score based on security indicators across seven categories.

AD, Azure AD (now Entra ID), and Okta security scorecard
150+ security indicators
Updates by security experts
Prioritized, actionable guidance
MITRE ATT&CK correlation

Reduce cyberattack risk: Download the #1 AD security assessment tool

Active Directory is the prime target for cyberattackers because AD is the core identity store for 90% of enterprise organizations worldwide and because legacy AD environments have misconfigurations that accumulate over time. Once cyber criminals gain access to AD, they can seize control of the entire environment.

Hybrid AD environments are tricky to secure, as attacks can start in Azure AD and move to on-prem AD, or vice versa—as in the SolarWinds attack. Purple Knight scans the hybrid AD environment for IOEs and IOCs, provides an Active Directory, Azure AD, and Okta vulnerability assessment, and offers expert, prioritized remediation guidance.

Download Purple Knight

Mandiant researchers report:

90%

of cyberattacks involve Active Directory

Microsoft Digital Defense Report:

88%

of customers impacted by incidents had “insecure AD configuration”

Microsoft Digital Defense Report:

1 hour, 42 minutes

the median time for an attacker to begin moving laterally after device compromise

According to Gartner

33%

of organizations use no AD defense whatsoever

See Purple Knight in action

Darren Mar-Elia, Semperis VP of Product, demonstrates how you can use Purple Knight, a free Active Directory security assessment tool, to scan your environment for hundreds of IOEs and IOCs. See your overall security posture score and receive prioritized remediation guidance from AD security experts.

Learn More

I recommend Purple Knight for its ease of use—it’s GUI-based, it gives you a quick report card, and gives you a good, easy checklist of things to start working on.
Learn more Jim Shakespear Director of IT Security, Southern Utah University

Purple Knight is a powerful tool with a nicely packaged set of scripts that does a fantastic job of showing you some of the hidden aspects of your AD that are just waiting to be discovered by the wrong person.
Learn more Patrick Emerick Senior Systems Engineer, Bethel School District

The Purple Knight report helped us take action on items right away, such as shutting down or disabling Active Directory accounts that shouldn’t have been enabled. And then it helped us develop a long-term maintenance plan.
Learn more Kevin Dreyer CISO, Maple Reinders

Purple Knight is the first utility I’ve used that digs this deep into Active Directory. It works so well, I didn’t need to find anything else.
Learn more Micah Clark IT Manager, Central Utah Emergency Communications