2022 Purple Knight Report – Facing the Unknown – Uncoverging & Addressing Systemic Active Directory Security Failures by Purple Knight



Security Assessments Reveal Widespread Active Directory Vulnerabilities

Organizations of all sizes and across every industry are failing to address Active Directory (AD) security gaps that can leave them vulnerable to cyberattacks, according to results from a survey of IT and security leaders who have deployed the Purple Knight free security assessment tool in their environments.

Organizations scored an average of 68% across five Active Directory security categories—a barely passing grade. Large organizations fared even worse in the assessment—reporting an average score of 64%—indicating that the challenges in securing Active Directory expand with legacy applications and complex environments, particularly in large organizations.

Respondents cited various catalysts for downloading the security assessment, ranging from a proliferation of attacks in their industries, organizational mandates, or post-breach remediation.
“Other schools in our area had been compromised,” said an IT manager at a U.S. community college. “We’re always trying to improve our security, and of course Active Directory is one of those pieces that is integrated into everything. But over time, it does get less secure.”

Many of the respondents said they were blindsided by the findings of their Purple Knight reports.
“I know I have Active Directory,” said a CISO at a Canadian manufacturing company. “But I didn’t know I had these problems. And I’m pretty security-conscious. So, it was a good slap in the head.”
Based on an online survey and a series of in-depth interviews, the 2022 Purple Knight Report sheds light on the challenges IT and security teams face with addressing security weaknesses in Active Directory—the primary identity store for most businesses worldwide and a common target for cybercriminals.

I know I have Active Directory. But I didn’t know that I had these problems. I’m pretty security-conscious. So, it was a good slap in the head.

Purple Knight

Purple Knight is a free Active Directory security assessment tool developed by Semperis directory services experts that has been downloaded by 5,000+ users since its first release in spring 2021. Purple Knight scans the Active Directory environment for 100+ security indicators of exposure or compromise. Users receive a graphical report with an overall score, 5 category scores, and guidance on how to remediate security risks.

Download & read the complete report below 👇👇👇


Leave a Reply

Your email address will not be published. Required fields are marked *