Alexandria, VA – July 29, 2025 – SpecterOps, the leader in identity risk management and adversary tradecraft, today announced BloodHound v8.0, the latest version of its industry-leading open-source Attack Path Management security platform. BloodHound v8.0 includes significant product expansions and enrichments for both the BloodHound Community Edition open-source tool and the BloodHound Enterprise platform.
This release introduces BloodHound OpenGraph, which revolutionizes the practice of Identity Attack Path Management by exposing attack paths throughout the technology stack. It allows BloodHound Community and Enterprise users to ingest data from disparate systems and applications vital to the organization like GitHub, Snowflake, and Microsoft SQL Server. Teams and researchers can now create unique, custom threat models for their specific environment and to understand and mitigate hybrid risk to their technology landscape.
“BloodHound OpenGraph is a foundational shift toward comprehensive identity risk management across the entire enterprise and opens many exciting paths for BloodHound in the future,” said Justin Kohler, Chief Product Officer at SpecterOps. “Beyond OpenGraph, v8.0 is chock-full of updates like Microsoft Privileged Identity Management roles support, integrations with Duo and ServiceNow, and the new Table View that will create significant value for security and IAM teams.”
“To date, most of the innovation in Attack Path Management has focused on Microsoft Active Directory and Entra ID, given the widespread adoption of those identity platforms,” said Jared Atkinson, Chief Technology Officer at SpecterOps. “BloodHound OpenGraph enables researchers across the BloodHound Community to quickly ingest new data sets and light up new attack paths across their environment. It’s a massive leap forward for tradecraft research, community collaboration, and possibilities for APM.”
8.0 Features for Expandability and Usability
v8.0 expands the systems that BloodHound can protect, adding new use cases and making BloodHound easier to use. It also adds new integrations and significant improvements to the integration testing processes, enabling faster integration adoption.
Microsoft Privileged Identity Management (PIM) roles – 8.0 adds coverage for Microsoft PIM roles in BloodHound Enterprise, allowing organizations to view where key roles are in use and whether they are correctly configured and secured. This reduces risk exposure by confirming PIM roles aren’t hiding attack paths considered already eliminated. When a customer combines least privilege principles with “Just in Time” access enabled by PIM and verified through MFA, the attack surface becomes significantly smaller.
ServiceNow Integration – Provides the ability to generate tickets to track and monitor vulnerabilities within environments, as identified by BloodHound Enterprise.
Duo Integration – Allows customers to employ two-factor authentication and flexible security policies for team members accessing their BloodHound Enterprise environment.
Privilege Zones Analysis – Privilege Zones provides the ability to analyze additional zones within environments to reduce risk beyond traditional identity infrastructure and focus on business-critical assets that require advanced protection (core business apps) or regulatory oversight (such as PCI or HIPAA servers). This functionality enables customers to define multiple tiers and analyze violations across them to truly enforce Least Privilege.
Additional enterprise usability features added in BloodHound v8.0 include:
- Kali Linux Support – BloodHound 8.0 is now supported on the Kali Linux operating systems, enabling penetration testers and community members to conduct testing or attack path analysis in Kali Linux environments.
- Table View – Provides an alternate view of attack graph data in a format that can be shared, managed and exported. This gives Identity teams the data they need to remediate attack paths and allows them to work together with the security team on Attack Path Management workflows.
- Inheritance tracking – Shows the root of the inheritance of rights/access to aid in remediation.
- Back Button & Deep Linking – Secure browser navigation enables users to move back and forward, bookmark views, and securely share views among teams, improving usability and workflows between Operations and Security.
SpecterOps will demo BloodHound v8.0 at Black Hat in Las Vegas on August 6-7. Visit booth #4527 to learn more about BloodHound OpenGraph and the future of Identity Attack Path Management.
Register for the launch webinar on July 31 at https://ghst.ly/bhupdatev8 to learn more technical information about these updates. In addition, today SpecterOps released the State of Attack Path Management Report. The report dives into how attack path management came to be, how you can implement it in your organization, and where it’s going next. Find it at http://specterops.io/resources/state-of-apm.
About SpecterOps
SpecterOps is a leader in identity risk management. Possessing deep knowledge of adversary tradecraft, the company enables global organizations to detect and remove critical attack paths before sophisticated attackers can take advantage of them – a practice called Attack Path Management. SpecterOps built and maintains widely used open-source security toolsets, including BloodHound, the company’s foundational tool that enables attack path management. BloodHound has been recommended by the U.S. Department of Homeland Security, PricewaterhouseCoopers and many others. BloodHound Enterprise is the company’s managed SaaS for identity and security teams, allowing for attack path prioritization, remediation guidance and reporting to reduce risk and harden defenses. For more information on SpecterOps and BloodHound, visit https://specterops.io/.
