SYDNEY, Australia- 24 April 2026 – Semperis, the identity-driven cyber resilience and crisis response company, today announced expanded capabilities for Purple Knight, its free, community-driven Active Directory and Entra ID security assessment tool helping organisations strengthen identity security in line with guidance from the Five Eyes Alliance, of which Australia is a key member.

The update comes as Australian organisations face increasing pressure to improve cyber resilience, particularly across hybrid identity environments that span on-premises infrastructure and cloud platforms.

In 2025, the Five Eyes Alliance including the Australian Signals Directorate and the Australian Cyber Security Centre updated its joint advisory document Detecting and Mitigating Active Directory Compromises. The guidance highlights the importance of continuously assessing identity systems and recommends tools such as Purple Knight to help organisations identify and remediate vulnerabilities.

While the latest Purple Knight enhancements include support for high-assurance government cloud environments such as Microsoft Government Community Cloud High (GCC High) in the United States, the implications extend to Australia. Similar identity security challenges exist across Australian government, defence, and critical infrastructure sectors, where hybrid Active Directory and cloud identity environments remain a primary attack surface.

GCC High is the cloud environment purpose-built by Microsoft to meet the stringent FedRAMP High, ITAR, and DFARS compliance requirements that most government agencies must adhere to. Until now, federal agencies and defence organisations running GCC High tenants were unable to take advantage of Purple Knight’s Entra ID assessment scanning capabilities. Agencies could assess their on-premises Active Directory health but lacked the ability to extend that same assessment into their GCC High cloud identity environment.

“Identity has become the frontline of cybersecurity, yet many organisations still lack clear visibility into their exposure across hybrid environments,” said Gerard Sillars, Vice President APJ, Semperis. “This expansion reflects the growing need highlighted by Five Eyes guidance for continuous identity security assessment aligned with Zero Trust principles.”

Cybersecurity continues to be a national priority in Australia, with frameworks such as the Essential Eight and regulatory requirements under the Security of Critical Infrastructure Act 2018 placing greater emphasis on proactive risk management. Identity systems, particularly Active Directory and Entra ID, are frequently targeted in sophisticated cyberattacks, making continuous visibility and assessment critical.

Purple Knight is already used by more than 65,000 organisations globally to assess identity security posture across on-premises and cloud environments. The tool provides a fast, low-friction way to benchmark configurations against industry best practices and evolving threat guidance.

For organisations requiring continuous monitoring and response, Semperis also offers Directory Services Protector (DSP) for hybrid AD threat detection, Active Directory Forest Recovery (ADFR) for cyber-first disaster recovery, and Lightning Intelligence for automated, SaaS-based identity security posture management.

To download Purple Knight, visit: purple-knight.com.

About Purple Knight

Purple Knight is a free Active Directory security assessment tool developed by Semperis identity security experts that has been downloaded by 65,000 organisations

Purple Knight scans the Active Directory environment for 210+ security indicators of exposure or compromise, maps findings to the MITRE ATT&CK and ANSSI frameworks and provides prioritised and expert remediation guidance. Users receive a graphical report with an overall score, 7 category scores, and guidance on how to remediate security risks.

About Semperis

Semperis is the identity-driven cyber resilience and crisis management company trusted by the world’s largest enterprises and government agencies to protect critical identity systems. Purpose-built for multi-cloud and hybrid identity environments—including Active Directory, Entra ID, Okta, and Ping Identity—Semperis helps organisations prevent, detect, respond to, and recover from identity-based cyberattacks.

Modern cyberattacks are won or lost at the identity layer, where failures now escalate into full-scale business crises. Semperis’ AI-powered platform unifies identity lifecycle defense and crisis management—hardening identity infrastructure, detecting and containing active threats, enabling rapid, trusted recovery, and supporting secure, out-of-band coordination when core systems are disrupted—all reinforced by a world-class identity forensics and incident response team.

As part of its mission to help organisations achieve true cyber resilience, Semperis supports the broader cyber community through the award-winning Hybrid Identity Protection (HIP) Conference and Podcast and free identity security tools including Purple Knight and Forest Druid. More than 1,200 organisations—including 25% of the 100 largest U.S. companies—rely on Semperis. The company is privately held, headquartered in Hoboken, New Jersey, and serves customers in more than 40 countries.

Learn more: semperis.com
Follow us: Blog / LinkedIn / X / Facebook / YouTube