Last month I was introduced to Bloodhound by the folks at SpecterOps. I got a crash-course in using the tool, and they described a methodology to use it as a tool for defenders to improve the security stance of their AD environment.

I was really impressed with the idea & tool, especially with the idea of pairing it with PAWS (or using it to help justify the cost of PAWS). Being able to show decision-makers a visual of a potential attack path (or metrics) has a high potential for helping get security mitigations approved. I especially liked the cost of the tool. 😉

Bloodhound isn’t brand-new, but I know that the security community and the AD admin community often don’t have many points of intersection, and even though I was aware of Bloodhound, it never occurred to me that it could be an invaluable tool to add to my toolbox. So I thought I’d share my write-up of what I learned in that session: https://blogs.uw.edu/barkills/2018/10/17/bloodhound-ad-attack-resilience-methodology/.

Brian