Catching Bloodhound Before it Bites

Posted by Nir Yosha on Jan 3, 2019 9:29:32 AM

BloodHound is a public and freely available tool that uses graph theory to automate much of the confusion behind understanding relationships in an Active Directory (AD) environment. It allows hackers and pentesters to know precisely three things: which computers give admin rights to any user, which users effectively have admin rights to any computer, and effective group membership information (see Image 1). Because Bloodhound can be used maliciously, organizations need to better understand how it is being used, how to protect privileged users, and how to prevent attacks.   

Read More

Topics: Threat Detection, Adaptive Threat Prevention, Attack Tools