Sydney Australia- 28 November 2024 – New cybersecurity guidance from the Australian Signals Directorate (ASD) and the Five Eyes Alliance recommends Semperis’ Purple Knight tool as an essential resource for Australian businesses to protect against identity-based cyber threats. Purple Knight is a free assessment tool that identifies vulnerabilities in Microsoft Active Directory, Entra ID, and Okta—core identity systems used by over 80% of organisations worldwide.

“We are honoured that the Five Eyes Alliance has included Purple Knight as a recommended tool in its latest cybersecurity guidance,” said Mickey Bresman, CEO, Semperis. “This collaboration emphasises the urgent need to secure identity systems against today’s threats, and we’re proud to support Australian organisations in doing so.”

This new guidance, co-authored by the cybersecurity agencies of Australia, the United States, Canada, New Zealand, and the United Kingdom, highlights Purple Knight’s capabilities in identifying common attack techniques aimed at exploiting identity systems. The report outlines 17 attack methods used by threat actors and offers mitigation guidance, providing an essential resource for Australian businesses as they face increasing cyber risks in hybrid work environments.

“Active Directory, Entra ID and Okta vulnerabilities can give attackers unrestricted access to an organisation’s network and resources. Semperis built Purple Knight to help companies discover indicators of exposure and indicators of compromise in their hybrid identity environments. The tool has been downloaded by more than 30,000 organisations,” said Ray Mills, Regional Director, Iberia, Semperis.

The results of a 2023 Semperis Purple Knight Report revealed that organisations using Active Directory struggle to identify and address security vulnerabilities that leave their identity environments open to cyberattacks. Most companies scored an average of 72 on their initial Purple Knight AD security assessments, indicating significant room for improvement.

“Recent guidance in the Five Eyes nations’ report is welcomed. While perfect security is impossible, you can make your network defensible—and then you must defend it. That defense is a mix of doctrine, upskilling and technology, all of which are essential; none on their own is sufficient. Organisations such as Semperis offer hybrid identity system security that will help global organisations improve their operational resilience against today’s ever-present attacks,” said Chris Inglis, former U.S. National Cyber Director and current Strategic Advisor, Semperis.

Australian businesses can download Purple Knight for free here https://www.semperis.com/es/purple-knight/request-form/