Five Eyes recommend Semperis’ Purple Knight for cyber defence
New cybersecurity guidance from the Australian Signals Directorate (ASD) and the Five Eyes Alliance has recommended Semperis' Purple Knight tool as a crucial resource to counter identity-based cyber threats.
Purple Knight is a free tool designed to identify vulnerabilities in core identity systems, such as Microsoft Active Directory, Entra ID, and Okta, which are used by over 80% of organisations worldwide.
"We are honoured that the Five Eyes Alliance has included Purple Knight as a recommended tool in its latest cybersecurity guidance," said Mickey Bresman, Chief Executive Officer of Semperis.
"This collaboration emphasises the urgent need to secure identity systems against today's threats, and we're proud to support Australian organisations in doing so."
The new guidance is a collaborative effort by the cybersecurity agencies of Australia, the United States, Canada, New Zealand, and the United Kingdom. It underscores Purple Knight's capabilities in identifying common attack techniques used to exploit identity systems. The guidance outlines 17 attack methods employed by threat actors and provides mitigation strategies, positioning Purple Knight as a vital resource for Australian businesses facing increasing cyber risks in hybrid work environments.
Ray Mills, Regional Director, Iberia, Semperis, commented, "Active Directory, Entra ID and Okta vulnerabilities can give attackers unrestricted access to an organisation's network and resources. Semperis built Purple Knight to help companies discover indicators of exposure and indicators of compromise in their hybrid identity environments. The tool has been downloaded by more than 30,000 organisations."
Insights from the 2023 Semperis Purple Knight Report indicated that organisations utilising Active Directory encounter difficulties in identifying and rectifying security vulnerabilities, leaving their identity environments vulnerable to cyberattacks.
It was reported that most companies scored an average of 72 on their initial Purple Knight Active Directory security assessments, highlighting considerable scope for improvement.
Chris Inglis, former U.S. National Cyber Director and now a Strategic Advisor at Semperis, stated, "Recent guidance in the Five Eyes nations' report is welcomed. While perfect security is impossible, you can make your network defensible—and then you must defend it. That defense is a mix of doctrine, upskilling, and technology, all of which are essential; none on their own is sufficient. Organisations such as Semperis offer hybrid identity system security that will help global organisations improve their operational resilience against today's ever-present attacks."