Anthropic’s Mythos announcement points to a near-term future of faster exploit discovery, faster compromise, and greater pressure on defenders.Join Jared Atkinson and Justin Kohler on April 22 as they examine what Mythos means for both attackers and defenders, why identity attack paths matter more in a machine-speed threat environment, and how organizations can better protect critical assets and infrastructure. Register today.
Check out the latest episode of the Know Your Adversary podcast and hear from Javier Azofra Ovejero from Siemens Healthineers.The conversation focuses on how security gaps emerge between systems like Active Directory, Entra ID, and CyberArk. Javier explains how his team built a BloodHound OpenGraph integration (CyberArkHound) to connect these platforms and uncover hidden attack paths that weren’t visible in isolation.
Resolved an issue where Azure post-processing could fail when PostgreSQL was configured as the graph database on BloodHound Community.
Expanded the set of supported TLS cipher suites when BloodHound is configured to serve HTTPS directly to resolve SharpHound connectivity issues in certain environments.
Added an OpenHound download link to the Download Collectors page.
This release introduces new data collection capabilities, improves core navigation and graph exploration workflows, and resolves high-impact API and query reliability issues. Key highlights include:
Graph Readability: Improved node labels, clearer directional arrows, and more intuitive selection behavior in Explore for easier graph analysis.
OpenHound: A new data collector framework for OpenGraph extensions, starting with GitHub, Jamf, and Okta collectors.
OpenGraph Extension Management: A new Administration page to manage OpenGraph extensions.
OpenGraph Findings: Analyze custom graph findings in Attack Paths and Posture with extension-specific schemas.
Environment Targeted Access Control: Scope User and Read-only access by environment with dynamic policy controls.
Table View Organization: Improved organization and readability of table views.
Azure Post-Processing: Enhanced post-processing capabilities for Azure data.
Navigation Sidebar Modernization: Updated navigation sidebar for a more intuitive user experience.
Keep hybrid Azure and Active Directory (AD) relationship data cleaner with less unnecessary graph churn during post-processing, significantly improving analysis time for tenants with large Azure environments.
Navigate BloodHound more effectively with assistive technologies through clearer component naming and better non-text content labeling across the interface.
This release introduces new features, enhancements, and fixed issues to improve data collection, OpenGraph ingestion capabilities, and general usability. Key highlights include:
Property-based edge matching enables hybrid edge creation using cross-system attributes, such as email, username, or hostname.
AzureHound collects Federated Identity Credentials (FICs) from Azure and adds new nodes and edges in BloodHound to represent these trust relationships.
BloodHound Enterprise now allows you to upload nodes and edges in separate OpenGraph data payloads without losing disconnected nodes after ingestion.
It also includes a breaking change for OpenGraph data payloads.
This release improves graph investigation workflows in Explore and resolves reliability issues in findings export, Zone Builder tagging and filtering, and query naming. Key highlights include:
Explore adds resizable table columns, Meta node details in the Entity Panel, and clearer edge guidance for Azure role relationships.
Edge reference coverage expands with a new valid_edges.json schema for valid source-target node relationships and supported edge types.
Fixed issues improve findings export accuracy, Zone Builder Tier Zero tagging timing and zone membership filtering behavior, and prebuilt query naming clarity.
Review clearer and more consistent edge guidance for AZOwner, AZOwns, and key Entra ID role edges, plus valid node relationships and supported edge types with a new valid_edges.json schema.
This release enhances data collection capabilities with new customization options, expands permissions for Cypher query management, and improves Zone Builder with better rule testing, clearer terminology, and enhanced object identification.
