Join us at Black Hat 2025 for training, open-source tools, and insights in identity security. Learn More

BloodHound Enterprise

Eliminate Attack Paths

Manage Identity Attack Paths across your hybrid environment and remove the adversary’s paths to your critical assets.

View Datasheet

See how BloodHound Enterprise uncovers and eliminates hidden threats to your vital systems

BloodHound logo with a series of hexagons mapped below

Discover Attack Paths

Advanced, accurate, and effective

Improve identity practices while protecting what matters most. Eliminate identity attack paths and the conditions that introduce them.

The most extensive and reliable attack graph technology available

Map, prioritize, and remediate millions of Identity Attack Paths

Surface decades of identity tech debt with guidance to programmatically eliminate it

Tour the product

Stay Ahead of the Adversary

Identity is the adversary’s favorite target

As identities evolve and environments expand, static defenses fall short.

BloodHound Enterprise helps you stay ahead by operationalizing Identity Attack Path Management.

Establish a continuous, measurable Identity Attack Path Management program

Strengthen your existing stack with BloodHound Enterprise’s integrated analysis and workflows

Eliminate the attack paths behind many of your alerts — and reduce detection noise at the source

A grouping of hexagons with icons in them are connected by a red line
Hexagons with callout text

Remove Risk

Eliminate identity attack paths at scale

Bring Security and Identity teams together to tackle identity risk at scale — all in one platform.

Continuously map and prioritize attack paths and choke points

Get clear, tested remediation guidance to reduce risk with minimal change

Monitor evolving threats and track progress over time

Protect high-impact assets with Privilege Zones

INTRODUCING PRIVILEGE ZONES

Enforce Least Privilege through Privilege Zones

BloodHound Enterprise Privilege Zones create secure and enforceable segregation of mission critical assets – enabling true least privilege enforcement

Explore Privilege Zones
icons linked by paths

See BloodHound Enterprise in Action

Take a quick tour to see how BloodHound Enterprise identifies and eliminates identity attack paths and stops lateral movement before it starts.

100

M+

Attack paths remediated

Hundreds of millions of attack paths remediated with BloodHound Enterprise.

35

%

Risk reduction

BloodHound Enterprise customers see an average 35% reduction of risk in the first 30 days.

17

K+

Paths cut per choke point

On average, cutting a single choke point severs access to more than 17,000 attack paths.

What Practitioners Are Saying

Validated by hands-on operators and strategic teams alike. These real-world testimonials show how organizations use BloodHound Enterprise to reduce identity risk at scale.

BloodHound Enterprise is a powerful tool for reducing risk in Active Directory and Microsoft Azure environments.

3rd Line Engineer, Government Agency

Recently one company I briefed with stood out to me for its innovative approach to Identity Attack Path Management: SpecterOps. Its flagship product, BloodHound Enterprise, has become an indispensable tool for organizations worldwide looking to secure their identity infrastructure against sophisticated cyber risks.

Principal Research Advisor, Security & Privacy, Info-Tech Research Group

BloodHound has been nothing short of revolutionary to the way attackers think about attacking large networks, and frankly, the way defenders should think about defending their network. It’s hard to overstate the impact BloodHound had on the infosec scene.

Expert IT Security Consultant

Learn More About
Attack Path Management

See how BloodHound Enterprise eliminates millions of attack paths while focusing your defenses on the routes attackers actually use to reach your critical assets.

Get a demo
Purple SpecterOps logo
White Papers

The Renaissance of NTLM Relay Attacks: Everything You Need to Know

NTLM relay attacks are still viable and more dangerous than ever, despite the common belief that the problem has been solved or minimized.

Read more

Bloodhound Enterprise - dog - transparent

Start BloodHound Community Edition

Use the tool you keep getting beat by…for free!

Get on GitHub
Illustration of a crown
White Papers

A Voyage to Uncovering Telemetry

This paper introduces capability abstraction methodology to enhance detection by dissecting attack techniques and underlying technologies, particularly noting the lack of telemetry on Remote Procedure Calls (RPC), prompting further investigation.

Read more

Illustration of a hand holding 4 playing cards
White Papers

An ACE Up the Sleeve

This paper offers technical insights on building backdoors through misconfigured security descriptors, including ACE enumeration, BloodHound mapping, and defensive considerations, with case studies and future research prospects.

Read more

Specter Ops logo on a blue background
Case Studies

Sustaining and Continuous Verification of Tier 0 with BloodHound Enterprise

As Australia’s leading natural gas producer, Woodside places significant importance on the resiliency of its technology platforms and recognises Active Directory as a pervasive part of the IT landscape that ransomware operators have used to execute attacks at other organisations.

Read more

Illustration of a crown
White Papers

A Voyage to Uncovering Telemetry

This paper introduces capability abstraction methodology to enhance detection by dissecting attack techniques and underlying technologies, particularly noting the lack of telemetry on Remote Procedure Calls (RPC), prompting further investigation.

Read more

Illustration of a hand holding 4 playing cards
White Papers

An ACE Up the Sleeve

This paper offers technical insights on building backdoors through misconfigured security descriptors, including ACE enumeration, BloodHound mapping, and defensive considerations, with case studies and future research prospects.

Read more

Specter Ops logo on a blue background
Case Studies

Sustaining and Continuous Verification of Tier 0 with BloodHound Enterprise

As Australia’s leading natural gas producer, Woodside places significant importance on the resiliency of its technology platforms and recognises Active Directory as a pervasive part of the IT landscape that ransomware operators have used to execute attacks at other organisations.

Read more