SpecterOps adds support for Okta, GitHub, and Mac environments to BloodHound Enterprise. With OpenGraph extensions, identity and security teams can manage and remediate attack paths across multiple platforms. New privilege zones and integrations with Palo Alto, Microsoft Sentinel, and ServiceNow are designed to further strengthen the security of hybrid environments.
The expansion of BloodHound Enterprise runs on OpenGraph extensions, enabling organizations to better detect and close attack paths that span multiple platforms. SpecterOps will demonstrate the new capabilities next month at RSA Conference 2026.
The company positions BloodHound Enterprise as a platform for Identity Attack Path Management (APM). We don’t have to guess why they built a security tool for this. “Attackers increasingly exploit identities and the trust relationships between platforms, people, and agents to gain access to critical assets,” said Justin Kohler, Chief Product Officer at SpecterOps.
OpenGraph connects platforms
With OpenGraph, identity and security teams can extend their attack path management to Okta, GitHub, and Jamf-managed Mac endpoints. This involves detecting misconfigurations in identity settings, privilege escalation paths, and risks of unauthorized access. Privilege Zone Analysis enables the definition of multiple privilege layers and the identification of breaches outside the traditional identity infrastructure.
BloodHound Enterprise is therefore not limited to Active Directory. According to the company, customers achieve an average 35 percent risk reduction in the first month of adoption, and addressing a single critical vulnerability blocks an average of more than 17,000 attack paths. This translates into tangible results for security teams managing hybrid environments. In other words: fewer compromises and potentially less severe compromises if attackers do manage to gain entry, thanks to limited lateral movement.
New integrations and encryption control
In addition to the platform expansion, SpecterOps is introducing integrations with Palo Alto Cortex XSOAR, Microsoft Sentinel, and ServiceNow VRM. These link attack path findings to existing security workflows. Also new is support for Bring Your Own Key (BYOK), which allows organizations to manage their own encryption keys for internal security requirements and compliance purposes.
The platform not only integrates with other systems but also expands its usability in other ways. In January, SpecterOps introduced an on-premises version of BloodHound Enterprise for organizations that manage their critical assets outside the cloud.
In March of last year, the company raised $75 million in a Series B round to accelerate the rollout of BloodHound Enterprise. On March 31, SpecterOps is hosting a webinar featuring a live demo of the new OpenGraph extensions.