Jul 11, 2025

iTWire 2025 Purple Knight Report Reveals Persistent Security Gaps in Hybrid Active Directory and Entra ID Environments 0 GUEST RESEARCH:  The new report uncovers identity security risks, low initial assessment scores, and urgent need for remediation across Active Directory, Entra ID, and Okta—but substantial score improvements for users applying Purple Knight’s expert mitigation guidance. Semperis , a provider of AI-powered identity security and cyber resilience, today published results from the 2025 Purple Knight Report indicating that organisations continue to struggle to identify and address security vulnerabilities in hybrid identity systems such as Active Directory, Entra ID, and Okta. Notably, the average score of 61 out of 100 is 11 points lower than the average score of 72 in the 2023 report. But users reported an average improvement of 21 points—and as high as 61 points—after applying Purple Knight’s remediation guidance, developed by Semperis identity security experts. Purple Knight score averages were highest among the largest organisations (10,000+ employees), with an average score of 73, and the smallest companies (0-500 employees), with an average score of 68 out of 100. “The largest organisations have more resources, and the smallest organisations often have less-complicated environments to secure,” said Sean Deuby, Semperis Principal Technologist, Americas. Organisations with between 2,001 and 5,000 employees averaged a score of 52, the worst overall highlighting the dilemma faced by midsized organisations with complex systems and limited resources for addressing AD security problems. “The midsized companies are where the IT pros have to do everything. You don’t have full-time AD specialists,” said Deuby. Among the six categories of vulnerabilities included in Purple Knight, scores were lowest in the AD Infrastructure category, followed by Account Security, Kerberos, Group Policy, Entra ID, and Okta. “Hybrid identity environments are complex, and threat actors know it. Overall, organisations can’t protect what they can’t see. The lower average scores in the 2025 Purple Knight Report indicate how crucial it is for companies to proactively assess vulnerabilities across their hybrid identity systems so they can close security gaps before attackers exploit them,” said Deuby. “Purple Knight gives organisations of all sizes the ability to identify vulnerabilities and remediate them before risks become damaging losses because of a compromise.” Among industries, the government sector scored the lowest average score of 46, followed by retail at 51 out of 100 and transportation and education at 57 out of 100. Healthcare averaged a score of 66, still poor, but the highest among all verticals. Industry insights on the value of Purple Knight Although many users were dismayed by their initial low scores, they applied Purple Knight’s remediation guidance—developed by Semperis AD security experts—to improve their security posture scores by an average of 21 points from their initial score to their top score. “My company has launched a multi-year project to reorganise the environment, which currently consists of about 30 AD forests. Using Purple Knight to scan those environments helps us understand what might break in our permissions structure or what open security vulnerabilities we need to fix.” —Bob G., infrastructure team lead at a global shipping company “We suffered an attack that compromised some of our systems, and we thought we were pretty secure in terms of Active Directory. We learned a lot from that event. Out of curiosity, I ran Purple Knight on the environment, and I found a new world of stuff to fix.” —Jose G., global administrator at an IT services company “I do a pretty good job. And we haven’t been breached. But then you see the D-minus on your report card and it’s like, wow. There are some things we could do better.” —Eric M., senior identity engineer, global printing company Read 15 times It's all about Webinars. Marketing budgets are now focused on Webinars combined with Lead Generation. If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event. The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page. Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview. We look forward to discussing your campaign goals with you. Please click the button below.