SpecterOps Brings Attack Path Management to Government Agencies to Help Reduce Risks Associated with Secure Identity Management

SEATTLE--(BUSINESS WIRE)--SpecterOps, a provider of adversary-focused cybersecurity solutions born out of unique insights of advanced threat actor tradecraft, today announced that BloodHound Enterprise (BHE) will be available to government customers next month. BHE is an Attack Path Management (APM) security solution for defending Microsoft Active Directory (AD) and Azure AD/Entra ID. SpecterOps is in the final stages of FedRAMP certification and BHE will soon be FedRAMP HIGH compliant.

This certification was streamlined through a partnership with Palantir FedStart — a SaaS offering that helps accelerate federal go-to-market by enabling companies to run their products within Palantir’s secure and accredited environment. Companies that are part of the FedStart program benefit from FedRAMP and IL5 compliance managed by Palantir, with Palantir responsible for government ATO conversations, compliance artifacts, continuous monitoring, and control assessments. BHE is deployed as an application on top of this platform to comply with and inherit further security controls FedRAMP requires.

“The average government agency will have tens of thousands of AD Attack Paths, making them an attacker’s easiest, most reliable, and most effective method to deploy malware or other offensive cyber operations,” said Justin Kohler, VP of Products at SpecterOps. “BHE provides the critical Attack Path Management capability that is sorely needed in the public sector. Many of us at SpecterOps come from a federal service background and have always wanted to bring our capability to FedRAMP-required environments.”

BHE is designed to help organizations proactively and continuously identify, manage, and remediate millions of AD Attack Paths. It gives IT Ops and SecOps professionals the tools needed to dramatically and measurably improve their AD security posture with minimal effort. BHE with FedRAMP meets the high security and compliance standards of the federal government and allows for faster adoption by government agencies seeking to secure their AD or Azure AD/Entra ID environments.

CISA and Microsoft have recommended BloodHound, an open-source tool from SpecterOps related to BloodHound Enterprise, for securing Microsoft Active Directory. BHE product revenue grew 200% year over year over the past two years and is used worldwide by companies like Capital Group, the University of Texas at Austin, and Woodside Energy.

In addition to FedRAMP HIGH compliance in April, BHE is currently compliant with ISO 27001, ISO 27017, and SOC 2 Type 1 & 2. For details, visit https://bloodhoundenterprise.io/bloodhound-federal/.

About SpecterOps

SpecterOps is a cybersecurity solutions and services provider specializing in deep knowledge of adversary tradecraft to help clients detect and defend against sophisticated attackers. The company releases numerous widely used free and open-source security toolsets, including BloodHound, a penetration testing solution which maps attack paths in Active Directory and Azure environments. BloodHound has been recommended by the Department of Homeland Security, PricewaterhouseCoopers and many more. BloodHound Enterprise is the company’s first defense solution for enterprise security and identity teams. For more information on the company and its solutions, visit https://specterops.io/.