Skip to main content
ReleaseBloodHoundOpenHoundSharpHoundAzureHound
2026-04-13v9.0.0v0.1.0v2.12.0v2.12.0
Use the filters on the right side of this page to narrow down the updates by component. You can select multiple filters at the same time to refine your results.
OpenHound
Data Collection
New Feature

OpenHound Data Collector Framework

Collect and convert data from GitHub, Jamf, and Okta with OpenHound, a standardized framework for building and running OpenGraph collectors and converters.OpenHound is built in Python and powered by the Data Load Tool (DLT) library so you can follow a consistent workflow to collect, process, and convert data from external sources into BloodHound-compatible graphs. You can run OpenHound as a containerized service or as a standalone CLI application.
BloodHound
OpenGraph
New Feature

OpenGraph Extension Management

Use the new OpenGraph Management page to upload, view, update, and delete OpenGraph extensions so you can manage structured graph support.OpenGraph extensions define the schema for your custom graph data, including node and edge types, icons, properties, and relationships, so ingestion stays consistent and predictable.This release also exposes experimental OpenGraph Management APIs so you can evaluate and automate extension workflows:
MethodEndpointDescription
GET/api/v2/extensionsGet a list of all OpenGraph extensions.
PUT/api/v2/extensionsUpserts the OpenGraph extension.
DELETE/api/v2/extensions/{extension_id}Delete an OpenGraph extension.
GET/api/v2/extension-edgesGet a list of all edge kinds across OpenGraph schemas.
BloodHound
OpenGraph
New Feature

OpenGraph Findings

BloodHound Enterprise logoThis release integrates OpenGraph data into analysis, metrics, and findings reporting. OpenGraph extensions now have explicit support for platform-specific findings (and remediation guidance) beyond Active Directory and Entra ID.Support for findings provides a more comprehensive picture of your organization’s risks and vulnerabilities with a cross-platform view that will continue to cover more systems. It provides more visibility into issues, and empowers you to strengthen your security posture with confidence in ways that haven’t been possible before.
This is a SpecterOps-managed feature. If it is not enabled in your environment, contact your account team for assistance.
BloodHound
Administration
New Feature

Environment Targeted Access Control

BloodHound Enterprise logoConfigure access control policies in BloodHound Enterprise with Environment Targeted Access Control (ETAC), a new premium add-on that dynamically limits environment access for User and Read-only roles.ETAC allows you to scope user access by environment, restricting which environments users can explore and analyze. This is especially useful in large, complex environments where users only need access to a specific subset of environments to perform their work.
This is a SpecterOps-managed feature. If it is not enabled in your environment, contact your account team for assistance.
SharpHound
Data Collection
New Feature

SharpHound Integrated Windows Authentication

BloodHound Enterprise logoAuthenticate SharpHound Enterprise with Active Directory Federation Services (ADFS) using Integrated Windows Authentication (IWA).This release adds an IWA-based authentication path for SharpHound Enterprise deployments that rely on ADFS for Windows-based authentication workflows.
BloodHound
Explore
Enhancement

Graph Readability Improvements

Explore graphs with improved node labels, clearer directional arrows, and more intuitive selection behavior:
  • Node labels now display below nodes and include a second line identifying the source platform and type (for example, Active Directory | Group). Long labels are truncated with an ellipsis and show the full text on selection.
  • Edges now feature higher-contrast directional arrows that connect directly to nodes instead of node labels, making it easier to follow relationship paths at default zoom levels.
  • The Entity panel now closes when clicking on the graph background to clear selection, giving you more space to explore the graph without manually closing the panel.
    Screenshot of graph readability improvements, including updated node labels and directional arrows
BloodHound
Explore
Enhancement

Table View Column Organization

Work through table data faster with better control over column layout.This release adds stronger column organization options for table-heavy analysis tasks. You can now drag-and-drop columns to reorder them.By default, the Node Type and Name columns are pinned. Moving an unpinned column into a group of pinned columns pins it. Similarly, moving a pinned column out of a pinned group unpins it. You can manage pinned columns and reset column order and size from the Columns menu.
An animated view showing the column organization options in the table view, including drag-and-drop reordering
BloodHound
Explore
Enhancement

Improved Graph Export Filenames

Export graph data with more useful filenames to avoid repeated bh-graph.json collisions in your local filesystem.Exported graph files now include a timestamp in the filename to make it easier to manage multiple exports without manually renaming files. For example:
bh-graph-2026-04-07_13-27-14.json
BloodHound
Administration
Enhancement
Use a more predictable navigation experience with improved expand and collapse behavior in the primary sidebar.The updated navigation sidebar defaults to expanded for new users, supports persistent collapse state, and improves discoverability of menu items and submenus.
Animated view of the updated navigation sidebar with improved expand and collapse behavior
BloodHound
Data Collection
Enhancement

Azure Hybrid Post-Processing and Data Hygiene

Keep hybrid Azure and Active Directory (AD) relationship data cleaner with less unnecessary graph churn during post-processing.This release optimizes role-assignment processing and stops creating placeholder AD objects during Azure ingest and hybrid post-processing so relationships are only created when both Azure and AD context is available. This significantly improves analysis time for tenants with large Azure environments.
BloodHound
Explore
Enhancement
Filter search results by node type to find relevant OpenGraph data faster.This enhancement adds support for node type filtering for OpenGraph nodes.
BloodHound
Administration
Enhancement

HasSession Edge Deletion

Refresh time-sensitive session data without clearing the entire graph by deleting only HasSession edges from the database.This enhancement adds a dedicated HasSession checkbox to the Database Management page so you can remove stale session relationships before recollecting updated session data.
Screenshot of the HasSession edge deletion checkbox on the Database Management page
BloodHound
Accessibility
Enhancement

Accessibility Improvements

Navigate BloodHound more effectively with assistive technologies through clearer component naming and better non-text content labeling across the interface.This accessibility work strengthens screen reader compatibility by improving role, state, and value semantics and adding or refining labels for visual UI elements.
BloodHound
Zone Builder
Enhancement

Certification Selection Behavior

BloodHound Enterprise logoCertify objects in Privilege Zones with clearer list selection behavior that stays aligned with the object details panel.Clicking either a row or a checkbox now opens that object’s details in the object details panel. When multiple checkboxes are selected, the most recently checked object takes focus until you select a row; unchecking an item does not clear the current focused object.Selections persist through page refresh, but navigating away from the page and back will reset selection to the default state with no objects selected.
Animated view of the updated Privilege Zone certification selection behavior, showing checkbox-driven focus and persistence through page refresh
BloodHound
Posture
Enhancement

Posture Metric Abbreviation

BloodHound Enterprise logoAnalyze posture metrics with more precise counts.This release expands how many digits are shown before rounding for key metrics on the Posture page, so changes in large environments are easier to track. Posture metrics now show up to five digits before abbreviating values.
  • This applies to the Count and Change columns in the Attack Paths table, and Attack Paths, Findings, and Tier Zero Objects counts in the Attack Path Summary panel.
  • After values exceed five digits, BloodHound abbreviates values using standard rounding with compact suffixes (for example, xxxK, y.yyyM, and z.zzzB).
    Screenshot showing the increased metric precision on the Posture page, including examples of abbreviated values with compact suffixes
BloodHound
Posture
Enhancement

Custom Range Validation

BloodHound Enterprise logoAnalyze posture trends with more reliable custom date/time range behavior.This release adds stricter validation for Custom Range selections to prevent future end times that could cause confusion and inconsistent chart behavior.The time picker disables future hour selections when the end date is set to today, and manual future end time entries are blocked with an inline validation error.
Screenshot showing the custom range validation improvements, including disabled future hour selections and inline validation error for manual future end time entries
BloodHound
Fixed Issues

API and Auth

  • Resolved an issue where fuzzy search on GET /api/v2/clients did not consistently apply across name, hostname, and configured_user fields.
  • Expanded auditor access to key collection and administration read endpoints, including completed jobs, events, file uploads, and bloodhound-users. This release also introduced a new CollectionReadJobs permission and removed an unused application configuration management permission.
  • Strengthened authorization checks for the /api/v2/tokens endpoint so low-privileged users cannot enumerate token metadata for other users through filter manipulation.
  • Resolved an issue where the /api/v2/graphs/edge-composition endpoint could return duplicate edges in ESC edge composition results.
  • Resolved an issue where the API Explorer did not correctly validate operator-prefixed values for query parameters, such as eq and neq.

Cypher and Explore

  • Resolved an issue where pressing the space bar in the Cypher query editor on the Explore page caused unexpected behavior.
  • Resolved an issue where the Cypher autocomplete dropdown on the Explore page rendered in the wrong position and may not be visible.
  • Resolved an issue where several prebuilt “Shortest paths…” Saved Queries queries could hit the default query timeout and fail without returning a graceful timeout response.
  • Resolved an issue where Cypher queries on PostgreSQL using multi-hop graph traversals with variable-length path patterns (for example, *1..) could fail, particularly for edges with traversal limits.
  • Resolved an issue where OPTIONAL MATCH clauses could be translated without a valid prior query frame, causing some Cypher queries to return incorrect results.

OpenGraph

Resolved an issue causing excessive memory use during ingestion of large OpenGraph data payloads.

Privilege Zones and Posture

  • Resolved an issue where long Privilege Zone rule names without spaces could overflow and stretch layout containers.
  • Resolved an issue preventing Affected Objects accordions for GPO objects from expanding on the Zone Builder page.
  • Resolved an issue where Large Default Group findings could appear incorrectly under the Tier Zero filter on the Posture page.
AzureHound
Fixed Issues
  • Resolved an issue where AzureHound filtered AZResourceGroupUserAccessAdmin results by the Owner role instead of the User Access Administrator role, causing incorrect AZUserAccessAdministrator edges on AZResourceGroup nodes.
  • Resolved an issue where AZContributor edges were not collected for Management Groups, Resource Groups, and Subscriptions, causing contributor role assignments to be absent from the graph for these resource types.