SpecterOps

SpecterOps is a cybersecurity company that provides adversary-focused solutions. Its mission is to enable clients and the community to defend against adversaries through education, visibility, and proactive countermeasures. The company was founded on the belief that a true understanding of how adversaries operate is essential for defending against modern security attacks. SpecterOps aims to set the pace for the cybersecurity industry by investing in advanced training, tools, and community engagement to simulate, detect, and harden systems against sophisticated adversary tactics.

SpecterOps has built a reputation as a leader in the cybersecurity field, known for its deep expertise in adversary tradecraft. The company is recognized for its contributions to the security community, including the development of widely used open-source tools like BloodHound. Its team consists of highly sought-after experts who frequently speak at industry conferences and publish research on the latest adversary techniques. SpecterOps serves a diverse client base, including government agencies and large enterprises in sectors such as finance, healthcare, and technology. The company’s focus on transparency and knowledge sharing is a key aspect of its market reputation, aiming to improve the security posture of not only its customers but the industry as a whole.

Offerings, Capabilities, and Integrations

SpecterOps provides adversary-focused cybersecurity solutions, specializing in detecting and defending against sophisticated attackers. The company’s offerings are built on a deep understanding of adversary tradecraft, which gives it a competitive edge. This expertise allows SpecterOps to help organizations harden systems against the entire attack cycle and detect advanced threat actor activity. Its core strength lies in its Attack Path Management capabilities, which continuously map and quantify identity attack paths in Active Directory and Azure. This approach allows security teams to proactively sever attack paths without disrupting operations. SpecterOps’ reputation is bolstered by its significant contributions to the cybersecurity community, including the development of widely used open-source tools like BloodHound. The company’s solutions integrate with systems like ServiceNow, Quest OnDemand Audit, and Duo Single Sign-On, enabling customers to extend identity attack path management and respond to threats more effectively.

Products and Services

SpecterOps offers a focused portfolio of products and services designed to improve security operations against modern cyber attacks.

• BloodHound Enterprise: This is SpecterOps’ flagship product and the industry’s first Attack Path Management (APM) platform. It is designed to continuously identify, prioritize, and remediate identity attack paths in both on-premises Active Directory and Azure AD/Entra ID environments. The platform provides a graphical map of all attack paths, allowing defenders to see their environment from an attacker’s perspective and focus on eliminating the most critical risks. Recent updates have added new attack paths focused on Active Directory Certificate Services (ADCS). BloodHound Enterprise is also available for government customers and has achieved FedRAMP High Authorization.
• Security Assessments: SpecterOps provides a range of assessment services to evaluate and improve an organization’s security posture. These include penetration testing, red team engagements, and maturity assessments that leverage the company’s understanding of advanced adversary tactics.
• Program Development: The company assists organizations in building or maturing their own internal security capabilities, such as penetration testing, red teaming, purple teaming, and threat hunting programs. This service draws on experience from building teams for Fortune 500 corporations and U.S. Department of Defense entities.
• Adversary Tactics Training: SpecterOps offers training courses that equip security professionals with the skills to attack, defend, and harden their environments. Courses like “Adversary Tactics: Red Team Operations” immerse participants in simulated enterprise environments to teach advanced offensive tradecraft.
• BloodHound Community Edition (BHCE): A free and open-source version of BloodHound that helps both offensive (red) and defensive (blue) security teams understand privilege relationships in Active Directory and Azure.

Target Customers

SpecterOps primarily targets enterprise clients and government agencies, particularly those with large and complex IT environments that rely heavily on Microsoft Active Directory (AD) and Azure AD. These organizations are often prime targets for cyberattacks. The company’s solutions are designed for CISOs, Security Operations Center (SOC) teams, and security professionals responsible for identity and access management, incident response, and security assessments. SpecterOps serves a diverse range of industries, including finance, healthcare, technology, and the public sector. Customers benefit from a clearer understanding of their security risks, the ability to prioritize remediation efforts effectively, and a measurable improvement in their security posture over time. The company’s focus on Attack Path Management helps these organizations proactively eliminate millions of potential breach paths, significantly reducing their risk from identity-based attacks.

Cloud Integrations and Marketplaces

SpecterOps provides cloud integration for its BloodHound Enterprise product and maintains a presence on the AWS and Microsoft Azure cloud marketplaces.

• Microsoft Azure Integration: SpecterOps’s BloodHound Enterprise integrates with Microsoft Azure to identify, manage, and remediate identity attack paths within Azure and hybrid environments. This support extends to Entra ID (formerly Azure AD), allowing organizations to gain visibility into potential attack vectors.
• AWS Marketplace: SpecterOps lists its BloodHound Enterprise solution on the AWS Marketplace. This offering helps organizations map and prioritize identity attack paths in their Active Directory and Azure environments. A version of BloodHound Enterprise specifically for federal clients, designated as FedRAMP High, is also available.
• Azure Marketplace: BloodHound Enterprise is available on the Microsoft Azure Marketplace. This includes a FedRAMP High designated version, which provides a managed SaaS tool for visualizing and managing identity risks in Active Directory, Entra ID, and hybrid environments.

SpecterOps does not have a direct product listing on the Google Cloud Marketplace.

Key People

• Chair of the Board of Directors: Kevin Mandia
• Chief Executive Officer: David McGuire
• Chief Operations Officer: Jason Frank
• Chief Financial Officer: Tim Bender
• Chief Revenue Officer: Pat Sheridan
• Chief Marketing Officer: Bryce Hein
• Chief Product Officer: Justin Kohler
• Chief Information Security Officer: Michael Wright
• Chief of Staff: Kelly Coffman

Key Facts

• Headquarters Location: Alexandria, VA.
• Number of Employees: 150-200.
• Annual Revenue: $53.4M.
• Parent Company: None.
• Subsidiary Companies: None.
• Publicly Listed: No.

Based on publicly available information, SpecterOps is not currently featured in the major analyst reports from Gartner, Forrester, IDC, or the Everest Group, such as the Magic Quadrant, Forrester Wave, IDC MarketScape, or PEAK Matrix. A thorough review of the company’s website and other online sources did not yield any claims of such recognitions.