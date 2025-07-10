Identity systems—particularly Active Directory (AD) and Entra ID—remain high-value targets for cyberattacks. The Five Eyes Alliance, a coalition of international security agencies that includes the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), recently emphasized this in a joint advisory titled Detecting and Mitigating Active Directory Compromises: “Active Directory’s pivotal role in authentication and authorisation makes it a valuable target for malicious actors. It is routinely targeted as part of malicious activity on enterprise IT networks.”

Even as awareness of the risks facing AD and Entra ID grows, many organizations still face difficulties securing their hybrid identity environments. According to an online survey of Purple Knight users conducted by Semperis, respondents reported an average initial security score of just 61%—a failing mark and an 11-point drop compared to results from 2023.

“Hybrid identity environments are complex, and threat actors know it. Overall, organizations can’t protect what they can’t see. The lower average scores in the 2025 Purple Knight Report indicate how crucial it is for companies to proactively assess vulnerabilities across their hybrid identity systems so they can close security gaps before attackers exploit them,” said Deuby. “Purple Knight gives organizations of all sizes the ability to identify vulnerabilities and remediate them before risks become damaging losses because of a compromise.”

Among industries, the government sector scored the lowest average score of 46, followed by retail at 51 out of 100 and transportation and education at 57 out of 100. Healthcare averaged a score of 66, still poor, but the highest among all verticals.

These survey insights, along with findings from in-person discussions with IT and security professionals, highlight ongoing challenges in protecting hybrid identity infrastructures—including AD, Entra ID, and Okta—across virtually every industry.

(AI was used in part to facilitate this article.)