
Risky Business Risky Biz Soap Box: Graph the planet!
Dec 11, 2025

In a captivating discussion, Jared Atkinson, CTO of SpecterOps and a key player behind BloodHound, dives into the fascinating world of cross-platform attack path enumeration. He reveals how OpenGraph can identify intricate vulnerabilities, like linking GitHub accounts to Active Directory breaches. Jared shares insights into modeling permissions and discusses the importance of extending defenses beyond traditional platforms. He also highlights innovative community extensions and real-world examples of thwarting cyber threats, underscoring why an expansive view of attack surfaces is essential.
AI Snips
Beyond Active Directory
- Extending the graph beyond Active Directory reveals attack paths that cross platforms such as Azure and GitHub.
- OpenGraph provides a schema so collectors can add arbitrary nodes and edges for diverse platforms.
Centralize Identity Provisioning
- Use SSO and SCIM to centralize identity provisioning and reduce orphaned access across services.
- Validate cross-system mappings because misconfigurations can expand the attack surface exponentially.
Gaps Create Hidden Attack Paths
- Gaps between systems create attack paths that are often nobody's direct responsibility.
- Jared warns that a non-privileged AD account can map to a privileged cloud identity and threaten other platforms.
