From the creators of BloodHound FOSS and Powered by SpecterOps research, a focused approach to Attack Path Management
Where it all started
Andy Robbins, Rohan Vazarkar, and Will Schroeder first created BloodHound FOSS in 2016 to empower penetration testers and red teamers to illustrate adversary risk to organizations and help defenders be prepared for imminent attacks. Since then, BloodHound has been used by attackers and defenders alike to identify and analyze Attack Paths in on-prem Active Directory environments.
Attackers can use BloodHound to easily identify highly complex Attack Paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same Attack Paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.
Community Driven: BloodHound Enterprise also facilitates continued open-source technical capability and research within Active Directory and Azure Active Directory.
Why BloodHound Enterprise
Almost immediately after BloodHound FOSS was released, the creators and many others realized that the potential for the tool was far more compelling on the defensive side than it was on the offensive. However, as BloodHound FOSS was designed and architected for a different use case, the team new a different solution was required.
Where BloodHound FOSS is designed to identify Attack Paths to exploit, the team had the vision to design BloodHound Enterprise to manage all Attack Path risks continuously and comprehensively such that:
- Attackers are forced to go elsewhere and use different tactics that are more difficult and have less payoff than they do today
- Least privilege access, tiered administration and credential hygiene are attainable, effective best practices
- Enterprises can measure, assess, and improve their security posture
What Enterprise Will Achieve
BloodHound Enterprise benefits
With the introduction of BloodHound Enterprise, the team redefines Active Directory security by enabling Attack Path Management.
Unprecedented visibility into Active Directory
Visualize privileges for instant clarity on AD architecture
Best practices made practical
Tiered Administration, Least Privilege, and Credential Hygiene are now possible
Active Directory security for everyone
Harden Active Directory against abuse and improve directory services availability
Elimination of ‘band-aid’ fixes
Directly address the risk of Attack Paths at precise Choke Points rather than fighting misconfiguration debt
Measurably improved security posture
Meaningful, transparent measurements that illustrate the risk reduction gained from Attack Path Management