News & Views
Purple Knight now protects Okta
Pioneering identity-driver cyber resilience experts, Semperis (www.semperis.com) announces the introduction of Okta security exposure scanning in its community-driven security assessment tool, Purple Knight (www.purple-knight.com/), and expands the company’s multi-directory support beyond the widely used Microsoft identity platforms Active Directory and Entra ID (formerly known as Azure AD).
Support for Okta in Purple Knight, which was first introduced in March 2021 and is now used by 20,000-plus organizations worldwide, follows multiple requests from partners and community users who use the identity platform, often in conjunction with Microsoft Active Directory and Microsoft Entra ID. The initial set of ten Okta security indicators includes checks for highly privileged custom roles, API tokens created in the past seven days, and new Super Admin permissions granted to a group.
“As a community-based identity security assessment tool, the Purple Knight community gives us a direct line to feedback from cybersecurity defenders and IT operations teams at thousands of organizations,” says Ran Harel, Associate Vice President of Security Products, Semperis. “We increasingly hear that organizations are using Okta in conjunction with Microsoft identity platforms. By adding security indicators for Okta to Semperis’ Purple Knight, we’re building on Purple Knight’s ability to improve security posture across hybrid identity environments, which will continue to expand as organizations explore the best combination of technologies for their environments.”
“The key differentiator in Purple Knight’s introduction of Okta support is the ability to integrate Okta security results with Active Directory and Entra ID results in a hybrid identity environment,” says Tammy Mindel, Product Manager, Semperis. “Purple Knight shows the connections between Okta and the Microsoft identity platforms, which is a common use case. Our decision to add support for Okta stems from the security problems our partners and customers have called to our attention and the opportunity to provide unique value by exposing cross-platform vulnerabilities.”
According to the newly released 2023 Purple Knight Report (www.semperis.com/resources/purple-knight-report), organizations receive scores averaging 72% – a low C grade – in the first scans of their identity environments with Purple Knight. By applying the prioritized remediation guidance provided by Purple Knight, organizations reported an average of 40% improvement in their security posture score, with some organizations reporting improvements of up to 64%.