TelcoNews Australia - Telecommunications news for ICT decision-makers
Australia
Semperis
#
DR
#
Ransomware
#
Hybrid Cloud

Semperis expands Purple Knight for government clouds

Fri, 24th Apr 2026 (Today)
Author image
By Mark Tarre, News Chief

Semperis has expanded its Purple Knight identity security assessment tool to support high-assurance government cloud environments.

The update comes as Australian government agencies, defence organisations and critical infrastructure operators face growing scrutiny over the security of identity systems across on-premises networks and cloud services.

Purple Knight is a free tool that assesses Active Directory and Entra ID environments for weaknesses and signs of compromise. The latest changes let organisations using Microsoft Government Community Cloud High, or GCC High, extend Entra ID assessment scanning into that environment.

Previously, agencies using GCC High could assess the health of their on-premises Active Directory systems, but not their cloud identity estate in the same way. The new support is intended to close that gap.

Identity security has become more prominent for public sector and infrastructure operators because directories and identity services often sit at the centre of enterprise networks. Attackers that gain access to those systems can move across environments, escalate privileges and disrupt operations.

Australian organisations are also operating under tighter cyber risk expectations. Frameworks such as the Essential Eight and obligations under the Security of Critical Infrastructure Act have increased focus on continuous monitoring, hardening core systems and faster remediation of weaknesses.

That pressure has been reinforced by intelligence guidance from the Five Eyes Alliance. In an updated joint advisory on detecting and mitigating Active Directory compromises, the alliance, including the Australian Signals Directorate and the Australian Cyber Security Centre, stressed the need for regular assessment of identity systems and cited tools such as Purple Knight to help organisations identify and remediate vulnerabilities.

Support for GCC High is tied to a US government cloud environment, but the broader issue is relevant in Australia because many organisations run mixed identity estates that connect legacy on-premises directory infrastructure with cloud identity platforms. Those hybrid arrangements are common across government, defence and critical infrastructure.

Purple Knight is already used by more than 65,000 organisations globally. The tool is designed to benchmark identity settings against established security practices and threat guidance, giving security teams a snapshot of exposure across on-premises and cloud environments.

The expansion forms part of a broader market push around identity-focused cyber defence. Vendors and security agencies increasingly argue that protecting credentials, directory services and privilege structures is central to resilience against ransomware and other intrusions.

In Australia, concern over identity compromise has sharpened as ransomware and extortion incidents continue to affect public and private sector entities. A background note accompanying the announcement said 93% of ransomware attacks in Australia stem from compromised identity infrastructure.

Five Eyes focus

The Five Eyes advisory has added weight to that discussion by linking operational guidance with practical tools for assessing exposure. For local security teams, the endorsement is notable as agencies look for ways to align technical controls with broader Zero Trust programs and compliance demands.

Semperis has built its business around products for identity system protection, threat detection and recovery. Alongside Purple Knight, it sells Directory Services Protector for hybrid Active Directory threat detection, Active Directory Forest Recovery for disaster recovery, and Lightning Intelligence for software-based identity security posture management.

The latest update does not change Purple Knight's role as a free entry-level tool, but it does widen the range of environments that can be assessed. That could matter for agencies and contractors operating in tightly regulated settings where cloud segmentation and compliance requirements have historically limited the use of some security tools.

For Australia, the significance lies less in the specific US cloud platform and more in the broader push to improve visibility across hybrid identity environments. Security practitioners have repeatedly warned that fragmented oversight between on-premises and cloud systems can leave gaps for attackers to exploit.

Gerard Sillars, vice president APJ at Semperis, said the changes reflect that shift in defensive priorities. "Identity has become the frontline of cybersecurity, yet many organisations still lack clear visibility into their exposure across hybrid environments," he said. "This expansion reflects the growing need highlighted by Five Eyes guidance for continuous identity security assessment aligned with Zero Trust principles."

Related stories
DE-CIX expands reach at New York's 60 Hudson Street
Earth Day calls for data centre grid reset amid AI surge
Cerillion lifts orders on GBP £42.5 million Omantel deal
SITA launches managed airport network service with HPE
Australia data centre growth shifts towards renewable power

Top stories

The real-time data solution to the AI energy problem
Elastic ties security platform to Google's air-gapped cloud
Getac launches rugged G140 Copilot+ tablet in Australia
White Rook Cyber wins CREST accreditation for testing
IP Fabric launches MCP server for network operations