Semperis has announced expanded capabilities for Purple Knight, its free Active Directory and Entra ID security assessment tool, positioning the update as relevant to organisations seeking to align identity security practices with Five Eyes guidance.
The company said the update is aimed at hybrid identity environments spanning on-premises infrastructure and cloud platforms, which are widely used across government and critical infrastructure. Identity systems such as Active Directory and Entra ID are frequently targeted in cyberattacks, and the firm linked the announcement to the need for more continuous assessment of identity exposure.
The release cited a 2025 Five Eyes joint advisory, including the Australian Signals Directorate and the Australian Cyber Security Centre, titled Detecting and Mitigating Active Directory Compromises, which recommends ongoing assessment of identity systems and highlights tools such as Purple Knight to help identify and remediate vulnerabilities.
A key element of the latest Purple Knight enhancements is support for high-assurance government cloud environments, including Microsoft Government Community Cloud High (GCC High) in the United States. Semperis said this enables Entra ID assessment scanning in GCC High tenants, where users previously could assess on-premises Active Directory health but could not extend the same assessment into the GCC High cloud identity environment.
“Identity has become the frontline of cybersecurity, yet many organisations still lack clear visibility into their exposure across hybrid environments,” said Gerard Sillars, Vice President APJ, Semperis. “This expansion reflects the growing need highlighted by Five Eyes guidance for continuous identity security assessment aligned with Zero Trust principles.”
Semperis also pointed to Australian policy drivers for identity security and resilience, including the Essential Eight and regulatory requirements under the Security of Critical Infrastructure Act 2018, which place greater emphasis on proactive risk management.
The company said Purple Knight is used by more than 65,000 organisations globally. For organisations seeking continuous monitoring and response, Semperis also referenced its commercial offerings, including Directory Services Protector, Active Directory Forest Recovery, and Lightning Intelligence.
