SpecterOps, a provider of adversary-focused cybersecurity solutions, has added support for Microsoft Azure to BloodHound Enterprise (BHE), the Attack Path Management (APM) security solution. Organizations can now proactively and continuously identify, manage and remediate identity Attack Paths in Active Directory (AD) and other access control systems whether they’re located on-premises, in the cloud or in a hybrid environment.
BloodHound Enterprise uses an approach called Attack Path Management to help IT operations and security operations professionals measurably improve their AD security posture with minimal effort. This process received high levels of customer interest and positive feedback after BHE launched in July 2021 and SpecterOps has now added support to cover other identity management systems, starting with Azure. Azure AD uses different technologies to manage identities and access, but is still vulnerable to the same types of identity Attack Paths as on-prem AD.
There is a strong need for APM to improve the security of AD and other similar directory services products. These systems can be abused by attackers to gain control of systems and data, impersonate users, abuse legitimate access to non-AD systems and are regularly used by ransomware gangs like Conti, REvil and DarkSide to carry out ransomware attacks. In a 2020 survey of IT, security and Identity and Access Management professionals, 94% said that security against abuse of Active Directory was a top priority for their organization.
Securing Azure AD is particularly important because of the platform’s growth, complexity, and rapid rate of change.
The new version of BloodHound Enterprise with support for Azure is available in early access now and will be generally available in April.