Semperis 2025 Purple Knight Report Reveals Persistent Security Gaps in Hybrid Active Directory and Entra ID Environments

2025 Purple Knight Report Reveals Persistent Security Gaps in Hybrid Active Directory and Entra ID Environments The new report uncovers identity security risks, low initial assessment scores, and urgent need for remediation across Active Directory, Entra ID, and Okta—but substantial score improvements for users applying Purple Knight’s expert mitigation guidance.

Announcements | Artificial Intelligence | Identity & Access Management

Posted: Friday, Jul 11

KBI.Media
$
Semperis 2025 Purple Knight Report Reveals Persistent Security Gaps in Hybrid Active Directory and Entra ID Environments

Semperis 2025 Purple Knight Report Reveals Persistent Security Gaps in Hybrid Active Directory and Entra ID Environments

Sydney, Australia – 11 July, 2025 — Semperis, a provider of AI-powered identity security and cyber resilience, today published results from the 2025 Purple Knight Report indicating that organisations continue to struggle to identify and address security vulnerabilities in hybrid identity systems such as Active Directory, Entra ID, and Okta. Notably, the average score of 61 out of 100 is 11 points lower than the average score of 72 in the 2023 report. But users reported an average improvement of 21 points—and as high as 61 points—after applying Purple Knight’s remediation guidance, developed by Semperis identity security experts.

Purple Knight score averages were highest among the largest organisations (10,000+ employees), with an average score of 73, and the smallest companies (0-500 employees), with an average score of 68 out of 100.

“The largest organisations have more resources, and the smallest organisations often have less-complicated environments to secure,” said Sean Deuby, Semperis Principal Technologist, Americas.

Organisations with between 2,001 and 5,000 employees averaged a score of 52, the worst overall highlighting the dilemma faced by midsized organisations with complex systems and limited resources for addressing AD security problems. “The midsized companies are where the IT pros have to do everything. You don’t have full-time AD specialists,” said Deuby.

Among the six categories of vulnerabilities included in Purple Knight, scores were lowest in the AD Infrastructure category, followed by Account Security, Kerberos, Group Policy, Entra ID, and Okta.

“Hybrid identity environments are complex, and threat actors know it. Overall, organisations can’t protect what they can’t see. The lower average scores in the 2025 Purple Knight Report indicate how crucial it is for companies to proactively assess vulnerabilities across their hybrid identity systems so they can close security gaps before attackers exploit them,” said Deuby. “Purple Knight gives organisations of all sizes the ability to identify vulnerabilities and remediate them before risks become damaging losses because of a compromise.”

Among industries, the government sector scored the lowest average score of 46, followed by retail at 51 out of 100 and transportation and education at 57 out of 100. Healthcare averaged a score of 66, still poor, but the highest among all verticals.

Industry Insights On The Value of Purple Knight

Although many users were dismayed by their initial low scores, they applied Purple Knight’s remediation guidance—developed by Semperis AD security experts—to improve their security posture scores by an average of 21 points from their initial score to their top score.

“My company has launched a multi-year project to reorganise the environment, which currently consists of about 30 AD forests. Using Purple Knight to scan those environments helps us understand what might break in our permissions structure or what open security vulnerabilities we need to fix.” —Bob G., infrastructure team lead at a global shipping company

“We suffered an attack that compromised some of our systems, and we thought we were pretty secure in terms of Active Directory. We learned a lot from that event. Out of curiosity, I ran Purple Knight on the environment, and I found a new world of stuff to fix.” —Jose G., global administrator at an IT services company

“I do a pretty good job. And we haven’t been breached. But then you see the D-minus on your report card and it’s like, wow. There are some things we could do better.” —Eric M., senior identity engineer, global printing company

About Purple Knight

Purple Knight is a free Active Directory security assessment tool developed by Semperis identity security experts that has been downloaded by 45,000+ organisations. Purple Knight scans the Active Directory environment for 185+ security indicators of exposure or compromise. Users receive a graphical report with an overall score, 6 category scores, and guidance on how to remediate security risks.

About Semperis

Semperis protects critical enterprise identity services for security teams charged with defending hybrid and multi-cloud environments. Purpose-built for securing hybrid identity environments—including Active Directory, Entra ID, and Okta—Semperis’ AI-powered technology protects over 100 million identities from cyberattacks, data breaches, and operational errors.

As part of its mission to be a force for good, Semperis offers a variety of cyber community resources, including the award-winning Hybrid Identity Protection (HIP) Conference, HIP Podcast, and free identity security tools Purple Knight and Forest Druid. Semperis is a privately owned, international company headquartered in Hoboken, New Jersey, supporting the world’s biggest brands and government agencies, with customers in more than 40 countries.