SpecterOps announced it has added support for Microsoft Azure to BloodHound Enterprise (BHE),
the industry's leading Attack Path Management (APM) security solution.
Organizations can now proactively and continuously identify, manage and
remediate identity Attack Paths in Active Directory (AD) and other
access control systems whether they're located on-premises, in the cloud
or in a hybrid environment.
BloodHound
Enterprise uses an approach called Attack Path Management to help IT
Operations and Security Operations professionals dramatically and
measurably improve their AD security posture with minimal effort. This
process received high levels of customer interest and positive feedback
after BHE launched in July 2021 and SpecterOps has now added support to
cover other identity management systems, starting with Azure. Azure AD
uses different technologies to manage identities and access, but is
still vulnerable to the same types of identity Attack Paths as on-prem
AD.
"Attack
Path Management has proven to be wildly successful in helping
organizations reduce their exposure to Attack Paths in traditional
Active Directory; we've seen customers reduce exposure by over 30% in as
little as 24 hours after deploying BloodHound Enterprise," said David
McGuire, CEO at SpecterOps. "But many of our users have a hybrid
network, with both on-prem and cloud workloads. Support for Azure, which
is our number-one new request from customers by far, will allow
organizations running a hybrid cloud model to easily protect their
entire identity infrastructure."
There
is a strong need for APM to improve the security of AD and other
similar directory services products. These systems can be abused by
attackers to gain control of systems and data, impersonate users, abuse
legitimate access to non-AD systems and are regularly used by ransomware
gangs like Conti, REvil and DarkSide to carry out ransomware attacks.
In a 2020 survey of IT, security and Identity and Access Management
professionals, 94% said that security against abuse of Active Directory
was a top priority for their organization.
Securing
Azure AD is particularly important because of the platform's growth,
complexity, and rapid rate of change. In October 2021, Microsoft
reported that Azure and other cloud services grew 50% year over year in
Q4 2021 and have grown between 47% and 62% every quarter since Q2 2020.
Azure AD uses three separate systems to manage identity and access, all
of which undergo significant changes regularly as the Azure platform is
updated. This complexity creates additional attack paths and undermines
the expertise of security and Identity and Access Management engineers.
BloodHound Enterprise helps both groups regain control of Azure AD
attack paths.
"BloodHound
Enterprise gives us consistent visibility and actionable risk reduction
across our Active Directory environment," said Marcus Sailler, head of
Offensive Security at Capital Group. "As a highly regulated
organization, we're excited to extend this visibility across Azure."
The
new version of BloodHound Enterprise with support for Azure is
available in early access now and will be generally available in April.