Semperis Purple Knight

Purple Knight is a security assessment tool that scans Active Directory, Entra ID, and Okta environments to identify vulnerabilities and security gaps. The tool detects over 185 indicators of exposure (IoEs) and indicators of compromise (IoCs) to help organizations discover misconfigurations and potential attack vectors in hybrid identity environments. The tool performs comprehensive security audits and generates report cards with security scores across five categories. It provides prioritized remediation guidance from identity security experts and correlates findings with MITRE ATT&CK framework techniques. Purple Knight scans for common attack vectors including admin accounts with old passwords, enabled but inactive admin accounts, and other risky configurations. The assessment process involves four stages: finding security gaps through vulnerability scanning, prioritizing issues based on risk, fixing identified misconfigurations and vulnerabilities, and validating security posture over time through periodic scans. The tool includes community-driven threat intelligence that incorporates emerging threats discovered by threat researchers. Purple Knight operates with a GUI-based interface and can complete environment scans in minutes. The tool is designed to help organizations reduce their Active Directory attack surface and improve their hybrid identity security posture through actionable security guidance and systematic remediation of identified issues.