Today, adversary simulation, detection and training services provider SpecterOps announced it has raised $25 million as part of a series A funding round led by Decibel.
The raise comes just a year after SpecterOps launched BloodHound Enterprise, a platform designed to analyze attack paths within Microsoft Active Directory (AD) and Azure AD. It also highlights a growing interest in solutions that enable defenders to identify potential attack paths and vulnerabilities from a hacker’s perspective.
“Attack paths are chains of abusable configurations and permissions that let attackers move laterally and escalate privileges within their target environments,” said SpecterOps CEO David McGuire. “In contrast to vulnerabilities which can frequently be resolved through patching, attack paths exist because of the complex privileges that exist within IAM platforms like Active Directory and Azure AD.”
He continued: “Once an attacker has access to a network (maybe from a phishing email or getting an employee’s credentials from a data breach) they can use attack paths to move through the network and gain more access to deploy ransomware, steal sensitive data, conduct cyber espionage, or otherwise reach their final objective.”
Continuous analysis and prioritization
For instance, if a threat actor compromises the account of a user who has the ability to set the password of a coworker, they can reset this downstream individual’s password, log in to the account and gain additional access to the environment, all while evading detection.
The organization is competing against a number of other vendors incorporating attack path analysis, including exposure management provider Tenable, which raised $683.2 million in revenue last year.
Tenable offers defenders attack path management capabilities to identify exploitable and realistic attack paths, while offering the Tenable.ad module to explore and visualize the underlying security relationships of Active Directory.
However, McGuire argues that existing solutions produce long lists of misconfigurations without prioritization or practical guidance, while BloodHound Enterprise can continuously analyze and prioritize every critical path in customer environments to help reduce risks quickly.