BloodHound Enterprise for Government

Ensure Mission Readiness

BloodHound’s FedRAMP High Compliant, cloud-delivered Attack Path Management solution eliminates Identity Attack Paths to achieve Zero Trust initiatives and meet mandated compliance regulations.

FedRAMP High Compliant

This accreditation is through an agency Authority to Operate (ATO), and our progress can be viewed on the FedRAMP Marketplace.

Mission: Eliminate Identity Risk

1. Achieve Zero Trust Architecture

The Executive Order on Improving the Nation’s Cybersecurity calls for the Federal Government to ‘advance toward Zero Trust Architecture’. To achieve Zero Trust, you must be certain you have no trust relationships that give adversaries access to Tier 0 assets. BloodHound Enterprise for Government enables you to validate that you have achieved Zero Trust and/or see the critical paths you must remove to secure your agency.

2. Stop Adversaries

Identity Attack Paths are adversaries’ most utilized and efficient way to move laterally and escalate privileges. BloodHound Enterprise for Government identifies critical Identity Attack Paths and provides remediation guidance to help you stop your adversaries from advancing.

3. Manage Risk

Operational Intelligence is required for planning and ensuring you have minimized your security risk. For Identity risks, this requires the ability to see and measure the Identity Attack Paths that exist in your network. BloodHound Enterprise for Government is the first-of-its-kind Attack Path Management platform to allow you to manage your Identity risks.

Mission: Compliance and Maturity

Compliance Frameworks

BloodHound Enterprise for Government enables compliance for frameworks that require users to maintain separate privileged accounts from their standard user accounts. Example compliance frameworks include:

  • NIST CSF v1.1: PR.AC-1 and PR.AC-4
  • NIST CSF 2.0: PR.AA-05 and ID.RA-03
  • NIST SP 800-53 Rev. 5: AC-5 and AC-6

Maturity Models

BloodHound Enterprise for Government provides Optimal Visibility, Analytics, and Risk Assessment maturity to your organization for implementing Zero Trust for Identities.

  • CISA: Zero Trust Maturity Model, Version 2.0, April 2023 | Section 5.1
  • DoD: Zero Trust Strategy, October 2022 | Target Level User 1.1, 1.2, 1.4, 1.7

BloodHound Enterprise for Government’s Heritage Frequently Recognized by CISA

“In performing actions 4a through 4f, agencies should use tools such as BloodHound to understand the possible attack path that starts with a compromise of their Exchange infrastructure as the result of compromised Exchange permissions in Active Directory.”

CISA Emergency Directives ED 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities, March 03, 2021

“On Workstation 1, the team leveraged a modified SharpHound [the BloodHound] collector, ldapsearch, and command-line tool, dsquery, to query and scrape AD information, including AD users [T1087.002], computers [T1018], groups [T1069.002], access control lists (ACLs), organizational units (OU), and group policy objects (GPOs) [T1615].”

CISA Cybersecurity Advisory CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks, February 28, 2023

“… The red team queried parsed Bloodhound data for members of the SharePoint admin group and identified several standard user accounts with administrative access.”

CISA Cybersecurity Advisory CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks, February 28, 2023

“Use open-source penetration testing tools, such as BloodHound…, to verify domain controller security.”

CISA Publication #StopRansomware Guide, October 19, 2023