The Problem We Solve

Adversaries have been targeting Active Directory Attack Paths for decades, and why not?

To the adversary, Active Directory is:


Organizations’ applications, services, identities, and critical operations are built on top of AD. While taking control of AD may not be the end goal, no other tactic provides the guarantee of achieving the adversary’s true objective.


AD is used by nearly every enterprise. Adversaries can use the same skills to abuse organizations universally across their victims.


The same advanced administrative power features in AD are used by adversaries to persist and complete their objective without the use of exploits.

Unmatched payoff

Enterprise defenders and IT architects do their best to eliminate risk, but their AD environment:

Learn more
  • Provides Zero Visibility: Windows and AD make it nearly impossible to audit privileges
  • Constantly Evolve: New users, new machines, new environments, and user logins all add to and create new Attack Paths.
  • Is Buried in Debt: Years of misconfiguration debt add Attack Paths and hide adversary activities

Current solutions aren’t addressing the problem

Traditional AD security solutions focus on listing thousands of generic configuration issues, mounting unobtainable corrective action debt on AD admins. Worse yet, the endless effort to resolve individual configuration issues are offset by new misconfigurations as environments undergo constant change in both size and complexity.

Learn more

Best practices are impractical

Many turn to trying to address the root causes by attempting tiered administration and least privilege access best practices. Unfortunately, both are fantastic in theory but fall short in practice. Tiered administration often requires impractical architectural changes and least privilege is hampered by opaque and confusing effective privileges.

Learn more

Attack Paths are a ubiquitous threat

The result is AD Attack Paths remain an unseen, unmanaged problem that continues to grow. Virtually every enterprise has tens of thousands of accessible Attack Paths and if an adversary can attack one AD, they can attack any AD.

Learn more

Learn how BloodHound Enterprise can eliminate millions of Attack Paths in your environment