SpecterOps is excited to announce the launch of our newest addition to BloodHound Enterprise, BloodHound Scentry. BloodHound Scentry is an expert advisory service that uses the proven expertise of the SpecterOps team to accelerate your Identity Attack Path Management (APM) practice and protect the most critical assets in your environment from attack paths that put your organization at risk.

 It Started with BloodHound

We first launched the open-source version of BloodHound in 2016 with the primary goal of more easily mapping (and exploiting) identity risk within a company, as red team operators. This tool allowed for SpecterOps red teamers (and many others) to easily identify attack paths for abuse and is one of (if not the) most well known open-source offensive security tools in the world. In 2021, we released BloodHound Enterprise, which focused on providing defenders a view of all their attack paths. BloodHound Enterprise prioritizes attack paths based on exposure within your environment and provides safe, tested guidance on how to fix them. 

The Rise of Attack Path Management

This led to a concentrated focus on a concept called Attack Path Management, which generally refers to the continuous practice of understanding and remediating the attack paths present in an environment. We developed our Attack Path Management Maturity Model to explain the different levels of maturity in implementing this program and provide measurable guidance for building and expanding this new security practice.

BloodHound Enterprise + BloodHound Scentry

Throughout the development of BloodHound Enterprise and the addition of new supported technologies, features, and integrations, we found that customers still had challenges remediating certain complex findings while simultaneously building out a more mature, integrated APM program. While BloodHound Enterprise provides the visibility, there are additional challenges of People, Processes, and Technology that are required to remediate the risks identified. BloodHound Scentry is our answer to this problem, a way that we can help not just find more risk, but allow companies to make meaningful change and reduce attack paths, hardening their environment against future compromise.

One of the biggest strengths of SpecterOps is the team of highly trained offensive security experts performing research and advanced offensive security assessments for some of the largest, most complex organizations in the world. Our research team is constantly identifying new and novel attacks that can affect identity security, which end up as attack paths in BloodHound Enterprise. Additionally, our offensive assessments provide real world insight into the types of attacks and tradecraft that are effective and overlay it with experience in actually abusing such paths. This combination provides us with a deep technical knowledge of how to find, identify, and abuse attack paths. BloodHound Scentry puts the full force of SpecterOps behind your identity APM practice.

How does BloodHound Scentry work? We couple our world-class research team’s understanding of how adversaries operate with technical project managers and experts who have detailed understanding of adversarial tradecraft and the power of BloodHound Enterprise to help organizations implement APM practices and drastically reduce the attack paths within their environments. Scentry leverages this knowledge and experience to quickly accelerate APM maturity for customers currently at any level of APM maturity. 

The Five Pillars of BloodHound Scentry:

BloodHound Enterprise provides the visibility necessary in an environment to detect and prevent attack paths right away. Scentry optimizes this practice, integrating it across connected solutions and operationalizes the identification and removal of attack paths continuously. This often involves a deeper understanding of what, if any, impacts would result from making changes and coordination with other entities to implement the necessary changes. Our team of experts can provide environment specific remediation guidance, help explain potential impacts from changes, and provide support to remove attack paths. As these changes are made and attack paths are eliminated, BloodHound Scentry also supports capturing the specific reporting information from BloodHound Enterprise to highlight the impact of the APM program maturing over time.

Additionally, BloodHound Enterprise is an evolving product with new technologies and features becoming available regularly, expanding the reach of APM’s protection. Recent releases like Privilege Zones and OpenGraph create interesting new opportunities to expand both the visibility and customization of the Attack Graph. BloodHound Scentry provides the ability to accelerate adoption of these exciting new features, catered to your specific environment, with little need for additional time commitment necessary to do it yourself. 

Finally, attack paths and the information security space are constantly changing and evolving such that it can be hard to keep up with all the latest risks and attacks. BloodHound Scentry ensures that you have resources and expertise dedicated to staying on top of all the latest attack path findings that come out, either from SpecterOps research or others, and work behind the scenes to identify your susceptibility, exposure, and potential remediations.

We are excited to roll out this development in our ongoing mission to help customers find and eliminate attack paths. If you are interested in learning more about BloodHound Scentry please reach out to your SpecterOps representative or visit http://specterops.io/bloodhound-scentry/ to accelerate your APM program today.