Most security teams already know the usual suspects when it comes to identity risk – too much access, too many stale permissions, and too little visibility into how it all connects. BloodHound’s been great at surfacing that inside Microsoft environments. But with v8.0,
SpecterOps is widening the lens. Now it’s not just about AD – it’s about uncovering attack paths across the full stack.
OpenGraph Brings Hybrid Threat Modeling Into Focus
The standout in this release is BloodHound OpenGraph. It marks a shift from AD-centric visibility to broader identity attack path coverage across platforms like GitHub, Snowflake, and Microsoft SQL Server.
“It significantly broadens the scope of attack path management across nearly any platform, repository, or application, which is a massive advancement,”
Jared Atkinson, CTO at SpecterOps told MSSP Alert. “Previously, most innovation in attack path management focused on Active Directory and Entra ID given the widespread adoption of those platforms among enterprises. BloodHound OpenGraph allows enterprise security teams to uncover attack paths throughout the entire technology stack that would have been invisible to them before.”
This expanded scope also introduces flexibility for teams to model threats in a way that fits their own tech stack. “OpenGraph allows BloodHound to ingest data from any platform. Users need to understand the access control model of that platform and know which data is relevant,” Atkinson explained. “Teams and researchers can now use BloodHound to create unique threat models built for their specific environment. GitHub, Snowflake and MSSQL are integrations we’re releasing as examples or inspirations for the security community.”
Usability Updates and IAM Integrations
Version 8.0 isn’t just about visibility – it’s also about usability. New integrations with Microsoft PIM, Duo, and ServiceNow bring identity context closer to operational workflows. Atkinson made it clear that SpecterOps isn’t trying to replace existing identity tools.
“We built BloodHound Enterprise to complement other IAM tools and fill in security gaps they aren’t built to address,” he said. “Organizations still need endpoint protections, strong passwords, MFA, threat detection, and so on. The visibility that BHE provides also helps organizations get closer to a Least Privilege model.”
From a feature standpoint, BloodHound v8.0 adds useful tools like a new Table View, inheritance tracking, and deep linking, all designed to help ops and security teams collaborate.
Kali Linux support makes it easier for red teams to integrate BloodHound into offensive testing environments. Behind the scenes, integration testing and usability improvements aim to reduce deployment friction and help teams act faster on what they find.
As for MSSPs and channel partners, Atkinson noted that SpecterOps is continuing to build support. “SpecterOps offers a dedicated channel partner program that continues to grow, and we’re continuing to evaluate how to best support the MSP and MSSP market with offerings like BloodHound 8.0 and OpenGraph.”
By expanding visibility beyond Microsoft environments and introducing integrations that align with real-world workflows, SpecterOps is giving security teams a clearer, more practical way to tackle persistent access issues. If your team is still relying on piecemeal tools or assuming traditional IAM controls are enough, now’s the time to reassess.
