“Previously, users needed to manually download and install the individual components of BloodHound, including a specific version of a specific graph database management system,” Robbins said. “This was a complicated process that could take hours. Now, everything needed to run BloodHound CE is packaged in a container so the correct versions of all necessary software will download and install with a single click.”
The containerized deployment will also enable enterprise-grade user management with multiuser support through role-based access control (RBAC).
Other features include community support and custom queries
The changes made in the new version will allow SpecterOps to increase the rate of updates and will also increase the number of pull requests from the community that can be implemented, according to the company.
“Right now, BloodHound and BloodHound Enterprise have different code bases, so updates and new features need to be done separately for each,” said Robbins. “After this update, the code for both products will be very similar, so updates and new features can be written once and applied to both products.”
“This will save a great deal of time for the SpecterOps team, which will allow them to implement more changes requested by BloodHound users. The pace of future updates to BloodHound will increase,” he added.
BloodHound Enterprise users will now be able to write custom Cypher queries to explore their active directory (AD) environments with safeguards in place, borrowed from Bloodhound CE, to prevent queries from accidentally causing security or performance issues. All the previous versions of BloodHound (everything before v5.0) will be referred to as “BloodHound Legacy” and will remain available, the company added.