
Identity & Access Management | Vulnerability Management
BloodHound Enterprise
Identity attack path management platform that maps and remediates privilege escalation paths across Active Directory, Entra ID, Okta, GitHub, and Jamf.
BloodHound Enterprise Overview
BloodHound Enterprise is an Identity Attack Path Management (IAPM) platform that continuously maps the relationships, permissions, and trust dependencies linking every identity to an organization's most sensitive systems. Rather than scoring misconfigurations in isolation, it models the environment as a directed graph and traces the chained attack paths an adversary would follow to escalate privilege and reach Tier Zero assets across Active Directory, Entra ID, and hybrid estates.
The platform ingests directory data through the SharpHound and AzureHound collectors and, through its OpenGraph framework and OpenHound collector, extends the same graph model to Okta, GitHub, and Jamf-managed Mac environments. It runs choke point analysis to pinpoint the single remediations that sever the largest share of paths, then delivers step-by-step, impact-aware remediation guidance. Privilege Zones let teams define custom security boundaries and enforce least privilege, while Risk Posture Trend Analysis baselines exposure and tracks reduction over time across business units.
FedRAMP High Authorized through the Palantir FedStart program, BloodHound Enterprise also holds SOC 2 Type II, ISO 27001, and ISO 27017 attestations, with a government edition operating in AWS GovCloud. BloodHound has been cited by CISA in ransomware and Active Directory hardening guidance. Built by SpecterOps, the team behind the open-source BloodHound project, it targets enterprise and public-sector identity and security teams managing complex Active Directory and multi-cloud identity estates.
Key Capabilities
mapped to solution categories
Models how exposures chain across assets and identities to reach critical systems, mapping attack paths and blast radius to separate reachable crown-jewel risks from dead ends.
Ranks exposures by combining exploitability signals with asset business criticality, so that a medium CVE on a critical customer-facing service ranks above a high CVE on an isolated dev instance.
Generates trend reports on exposure posture (new exposure, remediated exposure, outstanding exposure by severity), in business language suitable for security program reviews.
Creates and tracks remediation tasks across teams and ticketing systems, measuring exposure reduction over time rather than simply listing open findings.
Continuously inventories exposures across internet-facing assets, cloud, SaaS, and identity, including shadow IT, misconfigurations, and excessive permissions beyond CVE scanning.
Info last updated on June 28, 2026