The Purple Knight Report 2023 addresses Active Directory (AD) vulnerabilities in companies. According to the latest report, enterprise AD security needs improvement.
On average, participants achieved a security score of only 72 out of 100 possible points, which is an improvement over the previous year but still corresponds only to a grade of “C”, i.e. “satisfactory”. For this year's report, more than 150 representatives from companies of different industries and sizes from the Purple Knight user community were surveyed. With Semperis' Purple Knight vulnerability assessment tool, companies can assess the security of their Active Directory, identify potential attack routes and receive instructions on how to close them.
Uncover vulnerabilities
Looking at the results by company size, organizations with more than 10,000 employees performed the worst, with an average score of 63. Companies with up to 500 employees achieved the best score of 73 points, but that is still only in the range of the overall average. In an industry comparison, the insurance industry came last with an average overall rating of 66 points, immediately followed by retail, transport and public infrastructure with 71 points each. The current investigation examined, among other things, the Active Directory security categories of account security, AD infrastructure security, Kerberos security, AD delegation, Entra ID security (formerly Azure AD) and Group Policy security. The companies reported an average score of 61 in the account security category, the lowest score across all AD categories assessed by Purple Knight.
Purple Knight report finds holes
The report also examined how many vulnerabilities Purple Knight had discovered among those surveyed. The highest surveyed figure, five vulnerabilities or more, was reported by 55 percent of participants for the Entra ID category. Similarly high results were reported in the AD infrastructure security (40 percent) and Kerberos security (39 percent) categories. Organizations still need to address identity-related vulnerabilities that are often targeted by ransomware groups such as Vice Society, LockBit, BlackCat and Clop. However, because AD is a technology that is now almost a quarter of a century old, the skills or experience needed to find and fix the relevant security vulnerabilities are often lacking. Additionally, improving AD security falls through the cracks in many organizations because IT administrators and security professionals work on separate teams.
AD security challenges
- Lack of visibility of AD vulnerabilities
- Lack of time and resources to address the spreading vulnerabilities
- Lack of attention for AD security issues from executives and other teams
- Complications from acquired or outdated AD infrastructures
- Failure to perform audits by third parties to identify security gaps
About Semperis
For security teams tasked with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step in the cyber kill chain, reducing recovery time by 90 percent. Designed specifically to secure hybrid Active Directory environments, Semperis' patented technology protects over 50 million identities from cyberattacks, data leaks and operational errors. The world's leading organizations trust Semperis to detect directory service vulnerabilities, intercept ongoing cyberattacks, and quickly recover from ransomware and other data integrity emergencies.