BloodHound Enterprise aids numerous organizations in meeting their compliance requirements through our continuous monitoring of identity Attack Path exposure within their environments. We're eager to support you and your auditors in gaining a deeper understanding of the inner workings of BloodHound Enterprise and how we can help you meet your compliance goals.
Below, you'll find tables outlining various standard controls, detailing how BloodHound Enterprise supports these controls, and mapping them to relevant sections within the specific compliance frameworks.
Within each table, the specific controls can be expanded to learn how BloodHound Enterprise satisfies each particular control.
Asset Management
Control Category/Activity |
How Does Bloodhound Enterprise Satisfy This Control? |
|||||
---|---|---|---|---|---|---|
Asset Management The organization retains control over a system of devices, which undergoes reconciliation at intervals defined by the organization. |
Inventory of Active Directory/Azure environments and objects is accomplished by scheduled scans/on-demand scans of the environment. |
|
Risk Assessment
Control Category/Activity |
How Does Bloodhound Enterprise Satisfy This Control? |
|
||||
---|---|---|---|---|---|---|
Risk Assessment The organization employs mechanisms to understand the cybersecurity risk to operations, assets, and individuals. |
BloodHound Enterprise automated analysis will generate a quantifiable attack path exposure metric related in identity attack paths that can help to satisfy this control. |
|
Configuration Management
Control Category/Activity |
How Does Bloodhound Enterprise Satisfy This Control? |
|
||||
---|---|---|---|---|---|---|
Configuration Management The organization employs proactive mechanisms to detect deviations from baseline configurations within production environments. |
Analysis of Active Directory/Azure Identities audits user and object permissions for deviations from established access and identity baselines |
|
Detection
Control Category/Activity |
How Does Bloodhound Enterprise Satisfy This Control? |
|
||||
---|---|---|---|---|---|---|
Detection The organization employs mechanisms within the environment that continuously monitor for anomalies and events. |
Identity Attack Path vectors are assigned a severity rating in BloodHound Enterprise when detected during routine and on-demand scans |
|
|
Respond
Control Category/Activity |
How Does Bloodhound Enterprise Satisfy This Control? |
|
||||
---|---|---|---|---|---|---|
Respond Activities are performed to ensure effective response, support recovery activities, and mitigating steps are taken to prevent the expansion of an incident. |
Bloodhound Enterprise detects and reports identified attack paths with a quantifiable risk metric and inventory of all impacted systems. Relevant remediation and mitigation documentation provided during analysis may help to satisfy this control. |
|
Updated