SBN

Your new best friend: Introducing BloodHound Community Edition

Summary

SpecterOps is pleased to announce BloodHound Community Edition (CE) will be available in early access on August 8, 2023! In this blog:

  • BloodHound is now BloodHound CE; new name, slightly different look, same purpose and capability.
  • BloodHound CE has new features and is based on the BloodHound Enterprise (BHE) code base.
  • As a result, BloodHound CE will benefit from better support and more releases.

In our upcoming blogs in the series, we’ll discuss all of the new features coming to BHE and CE as part of this effort.

Introduction

Today, the BloodHound team at SpecterOps is excited to announce the upcoming early access release of BloodHound Community Edition (CE). This release represents a top-to-bottom rewrite of the BloodHound open-source project based on the same code that runs BloodHound Enterprise (BHE), SpecterOps’ SaaS-hosted Attack Path Management platform. In this blog series, we will dig into why we took this project on, what it means for the BloodHound product family going forward, and the immediate impacts on BloodHound CE and BloodHound Enterprise.

Before diving in, I want to thank everyone who has used, shared, presented on, and contributed to the BloodHound project. Your support allowed all of this to happen, which is why we are so excited at the opportunity to invest in and give back to the community in a way we never could before. Thank you all so very much.

Product naming

This release includes a shift in our naming schema for the BloodHound product family. In this blog, and going forward, we will utilize the following names to represent the different products and versions.

BloodHound product names and timeline

Why code convergence?

When the BloodHound Engineering team formed within SpecterOps in late 2019, we knew the existing architecture of the open-source project would be insufficient to deliver the enterprise-quality product we desired in BHE. This architecture lacked many capabilities that we knew would be required: multi-user access, high availability, proper authentication and authorization models, APIs to integrate data to and from other systems, and so on. Supporting these features meant starting over on an entirely new code base.

In July 2021, we released BloodHound Enterprise to the world and committed to maintaining BloodHound Legacy. To keep that promise, we often needed to write the same code twice, test it twice, and release it, you guessed it, twice. Our team had to write new Attack Paths for each platform. Any pull requests from the community needed validation on BloodHound Legacy, but we also needed to rewrite the same capability for our BHE customers.

Double effort for every change is clearly unsustainable. We needed to scale our efforts to continue supporting our commitments to both products. With that in mind, developing a common code base (continuing the work started with SharpHound Common and our strategy around AzureHound) for the entire BloodHound product suite became a priority for 2023.

What does this mean for you?

No need to mince words here.

BloodHound CE will remain focused on the security testing mission — to enable organizations to identify, test, and validate Attack Path risk. Effectively, BloodHound CE will continue to be what BloodHound Legacy has always been, and we will continue to expand the ability to identify Attack Paths with more accuracy and coverage than ever before.

BloodHound Enterprise (BHE) will remain focused on the risk management mission — to enable organizations to continuously identify, measure, and remediate Attack Path risk across the environment. BHE will receive the same coverage and accuracy enhancements added to all BloodHound products but will benefit from the ongoing collection, data reconciliation, and all analysis functionalities necessary to manage risk following the Attack Path Management framework within an organization consistently.

BloodHound product family feature comparison — full version here.

Releases

With the release of BloodHound CE, both CE and BHE now run on the same base code. This deduplication of effort will enhance our ability to deliver, test, and maintain the BloodHound product family and will allow us to better track and manage bug reports and feature requests across the BloodHound product family, making everything faster and more efficient.

With this improved efficiency, we expect the release cadence for BloodHound CE to increase dramatically.

Support and enablement

The community surrounding the BloodHound product family has been incredibly generous with their time in creating educational content and supporting one another. Unfortunately, few people understand BloodHound Legacy well enough to respond to many of the more challenging or in-depth questions.

While licensed product support remains an offering limited to BloodHound Enterprise customers, the convergence of code and capability immediately means more people from SpecterOps have direct expertise and experience in supporting the product. Most notably, the BloodHound Enterprise Customer Success team members who focus on enabling our BHE customers to be successful with the product will now be able to help out with enablement and support opportunities for BloodHound CE.

Among other duties, the BloodHound Enterprise Customer Success team supports our customers during issues and maintains our product documentation to ensure customers understand how to use the product. The benefits here for the community are two-fold:

  • There will be an additional support team capable of responding to questions about issues and product usage (when not supporting BHE customers).
  • Much of the product documentation, enablement videos, content, etc., this team develops will apply to BloodHound CE and BHE.

We are incredibly grateful for the community’s efforts over the past few years in generating much of this content, and we look forward to even better partnerships with the community in the future!

Conclusion and what’s next

We converged both BloodHound products into a single code-base to honor our commitments to the community when we released BloodHound Enterprise. Code convergence results in a better product, better long-term sustainability, and a renewed commitment to maintaining the BloodHound products you know and love.

This blog focused specifically on the areas of improvement that don’t exactly fit a traditional release blog and the more intangible benefits of this release. The following two blogs in this series will feel much more like the release blogs you’re used to: first, on the features coming to BloodHound Enterprise as a result of this project; then, the BloodHound CE release blog from Andy Robbins on August 8, 2023 will go live alongside all the new early access code that we can’t wait to share with you.


Your new best friend: Introducing BloodHound Community Edition was originally published in Posts By SpecterOps Team Members on Medium, where people are continuing the conversation by highlighting and responding to this story.

*** This is a Security Bloggers Network syndicated blog from Posts By SpecterOps Team Members - Medium authored by Stephen Hinck. Read the original post at: https://posts.specterops.io/your-new-best-friend-introducing-bloodhound-community-edition-cb908446e270?source=rss----f05f8696e3cc---4