Attack Path Alert

The Attack Path Alert check identifies identities that appear in attack path findings ingested from BloodHound Enterprise. Attack paths represent sequences of relationships and permissions that could allow lateral movement or privilege escalation to reach high-value targets. When triggered, this check highlights users who may be positioned to reach sensitive assets through one or more discovered paths.

Recommended actions

Validate the attack path details and remove excessive privileges or risky relationships involved in the path. Prioritize users with high impact or exposure, especially those connected to privileged roles or critical assets.

Check settings

You can adjust the check settings to filter out some attack paths based on severity to reduce noise and focus on higher-risk findings.

Compatibility

BloodHound Enterprise
