FedRAMP High Authorization for BloodHound Enterprise is a Critical Win for the Public Sector

Author: David McGuire, CEO, SpecterOps 

Today, we’re thrilled to announce that SpecterOps has earned FedRAMP High Authorization for BloodHound Enterprise! This is no small achievement, as it makes our BloodHound Enterprise identity security platform available to U.S. government organizations that operate at the FedRAMP High baseline. This shows SpecterOps’ commitment to data security for all our customers, especially our Public Sector customers, whose Tier Zero assets are items of national security interest.  

Attaining this certification has been a longstanding company goal for years. Due to their often federated nature and lengthy history of Active Directory use, government agencies and players in the DIB are at high risk for identity-based attacks that result in account takeovers. Identity-Based Attack Paths in Microsoft Active Directory (AD), Entra ID and hybrid Azure environments are a serious issue. They are routinely exploited by nation-state adversaries, and we’ve witnessed firsthand the damage they can cause to the public sector. They’re the root cause of significant risk within AD, Entra ID and hybrid environments. 

Identity Attack Path Management empowers government identity and security teams to identify, prioritize and remediate these security threats over time. BHE helps to identify choke points which remediate millions of Attack Paths, usually with an individual fix. This can eliminate years of technical debt, prioritize the most critical paths to start fixing, and reduce the risk of lateral movement and privilege escalation in AD environments. Additionally, BHE enables teams to continuously audit for new Identity risks introduced in their environment. 

BloodHound Enterprise FedRAMP High Authorized for Governments meets strict compliance standards that require users to maintain separate privileged accounts from their standard user accounts. It also provides Optimal Visibility, Analytics, and Risk Assessment maturity for implementing Zero Trust for Identities. It helps government agencies to achieve their mission of protecting sensitive, unclassified information and data by restricting access to Tier Zero assets and advancing toward implementing a Zero Trust architecture. 

The SpecterOps team is uniquely capable in this space because we adopt an adversary’s approach to security. Many of our team members come from military backgrounds (myself included) and have spent many years working closely with government organizations. They’re well-versed in operating in an environment that presents a constant state of attack. And we’re still ready to serve. 

We’re very proud that this day has come, and we’re eager to work with government customers on protecting their most sensitive data and workloads. BloodHound Enterprise FedRAMP High Authorized is now available in the AWS Marketplace and the Azure Marketplace for the convenience of government customers.