Skip to main content
This page provides a summary of recent BloodHound product releases, including release dates, version numbers, and links to detailed release notes.
See the release notes archive for previous releases.

Announcements

New BloodHound Enterprise Capabilities

Read Justin Kohler’s recent blog post on new BloodHound Enterprise capabilities that extend Identity Attack Path Management beyond traditional identity infrastructure into Okta, GitHub, and Jamf-managed macOS environments. Register for the webinar with Jared Atkinson and Justin Kohler on March 31 to see how BloodHound Enterprise uncovers attack paths across Okta, GitHub, and Mac environments, helping teams prioritize what matters. They will also discuss additional enhancements, including Privilege Zones and role-based access control (RBAC).

New Episode: Know Your Adversary

A new episode of the Know Your Adversary podcast dropped this week. Hear from Steve Elovitz from Palo Alto Networks’ Unit 42 on how modern adversaries operate once inside an environment, why identity has become a primary entry point for many attacks, and the attack patterns his team most frequently sees during incident response engagements.

SO-CON 2026 is coming up in April!

There’s still time to save your spot at SO-CON 2026! Join us in Arlington, Virginia for our two-day (April 13-14) conference packed with talks, research, and community exchange, followed by four days (April 15-18) of deep-dive, hands-on trainings led by adversary-experienced practitioners.

2026-03-26

ReleaseBloodHoundSharpHoundAzureHound
2026-03-26v8.9.1No releaseNo release
This release resolves the following issues:
  • Resolved several issues that could cause analysis to fail.
  • Resolved an issue preventing Cypher queries on PostgreSQL from respecting minimum and maximum path length limits.
  • Resolved an issue where Cypher queries on PostgreSQL failed with the error ERROR: invalid reference to FROM-clause entry for table "s0" (SQLSTATE 42P01).
  • Resolved an issue where certain Cypher path queries on PostgreSQL could be slower than expected due to an inefficient edge-to-path join pattern.
  • BloodHound will no longer support SHA-1 cipher suites when configured to serve HTTPS directly (without a load balancer).

2026-03-23

ReleaseBloodHoundSharpHoundAzureHound
2026-03-23v8.9.0v2.11.0v2.11.0
This release introduces new features, enhancements, and fixed issues to improve data collection, OpenGraph ingestion capabilities, and general usability. Key highlights include:
  • Privilege Zones is now generally available!
  • Property-based edge matching enables hybrid edge creation using cross-system attributes, such as email, username, or hostname.
  • AzureHound collects Federated Identity Credentials (FICs) from Azure and adds new nodes and edges in BloodHound to represent these trust relationships.
  • BloodHound Enterprise now allows you to upload nodes and edges in separate OpenGraph data payloads without losing disconnected nodes after ingestion.
It also includes a breaking change for OpenGraph data payloads.

New Features

ComponentUpdateSummary
Data CollectionAzure Federated Identity CredentialsCollect and map Federated Identity Credentials with new AZFederatedIdentityCredential nodes and AZAuthenticatesTo edges.

Enhancements

ComponentUpdateSummary
OpenGraphProperty-Based Edge MatchingLink nodes by unique database identifiers or dynamically match them using specific attribute values.
OpenGraphFlexible OpenGraph Node IngestionUpload nodes and edges in separate payloads without losing disconnected nodes after ingestion.
Data CollectionImproved Logging for NTLM CollectionGet per-machine status visibility for WMI and Remote Registry attempts with clearer error details.
ExploreSearch Component Styling ConsistencySwitch between Search, Pathfinding, and Cypher tabs without layout shift.
ExploreTable Layout Scrollbar VisibilitySee and use scrollbars more reliably when table layout content overflows.

Fixed Issues

See the release notes for a full list of fixed issues in this release.

2026-03-04

ReleaseBloodHoundSharpHoundAzureHound
2026-03-04v8.7.0v2.10.0v2.10.0
This release improves graph investigation workflows in Explore and resolves reliability issues in findings export, Zone Builder tagging and filtering, and query naming. Key highlights include:
  • Explore adds resizable table columns, Meta node details in the Entity Panel, and clearer edge guidance for Azure role relationships.
  • Edge reference coverage expands with a new valid_edges.json schema for valid source-target node relationships and supported edge types.
  • Fixed issues improve findings export accuracy, Zone Builder Tier Zero tagging timing and zone membership filtering behavior, and prebuilt query naming clarity.

Enhancements

ComponentUpdateSummary
ExploreTable Column ResizingResize columns in the table layout graph view to review data more comfortably on smaller screens without changing window size.
ExploreMeta Node Information in Entity PanelReview Meta node details in the Entity Panel without encountering errors.
ExploreImproved Edge InformationReview clearer and more consistent edge guidance for AZOwner, AZOwns, and key Entra ID role edges, plus valid node relationships and supported edge types with a new valid_edges.json schema.

Fixed Issues

See the release notes for a full list of fixed issues in this release.

2026-02-17

ReleaseBloodHoundSharpHoundAzureHound
2026-02-17v8.6.1No releasev2.9.2
This release addresses the following issues:
  • Resolved an issue causing partial failures after uploading Azure sample data.
  • Resolved memory and CPU performance issues during AD Group and Local Group analysis.

2026-02-11

ReleaseBloodHoundSharpHoundAzureHound
2026-02-11v8.6.0v2.9.1v2.9.1
This release enhances data collection capabilities with new customization options, expands permissions for Cypher query management, and improves Zone Builder with better rule testing, clearer terminology, and enhanced object identification.

New Features

ComponentUpdateSummary
Data CollectionUser-Agent Flag for AzureHoundCustomize the User-Agent header used in AzureHound HTTP requests.

Enhancements

ComponentUpdateSummary
Data CollectionLast Sign-In from AzureTrack user activity based on last successful sign-in timestamp from Entra ID.
ExploreUpdated Permissions for Saved Cypher QueriesUser and Power User roles can now edit shared Cypher queries.
Zone BuilderCypher Rule TestingVerify your Cypher query with a new Run button before creating rules.
Zone BuilderConsistent Certification TerminologyRevoke button renamed to Reject to align with status filter language.
Zone BuilderZone Name in Object InformationQuickly identify the zone name instead of position when viewing object information.

Fixed Issues

12 issues resolved across BloodHound, SharpHound, and AzureHound.

2026-01-30

BloodHoundSharpHoundAzureHound
v8.5.2No releaseNo release
This release addresses an issue where Local Group relationships could be incorrectly calculated during analysis.

2026-01-27

BloodHoundSharpHoundAzureHound
v8.5.1No releaseNo release
This release addresses the following issues:
  • Resolved memory and performance issues during local group processing (DCOM, CanPSRemote, AdminTo, CanRDP).
  • Resolved an issue where custom icons for nodes in OpenGraph data did not display in the graph on the Explore page.
  • Set OpenGraph node search to enabled by default.

2026-01-22

BloodHoundSharpHoundAzureHound
v8.5.0v2.9.0v2.8.3
This release introduces new features, enhancements, and fixes to improve usability, performance, and data collection. Key highlights include:
  • Keyboard shortcuts improve accessibility
  • Zone Builder (renamed) gains clearer forms, rule guidance, and consistent terminology
  • APIs add safer filtering, member counts, and source-kind safeguards
  • Data collectors add clearer logging and configuration guidance

New Features

ComponentUpdateSummary
AdministrationKeyboard ShortcutsNavigate and act across the app without relying on the mouse.
APICount by Kind for SelectorsRetrieve member counts by primary kind to size zone/tag selectors.

Enhancements

ComponentUpdateSummary
APIFilter Asset Group Tag MembersFilter by primary kind, name, or object ID for cleaner selector results.
APISearch Asset Group TagsLimit global search to a specific tag to reduce noise.
APISelector Type CountsSee total, custom, default, and disabled selector counts per tag.
ExploreCypherTrack query execution with a running state on the Run button.
ExploreOpenGraph Node SearchFind OpenGraph nodes faster with improved search functionality.
PostureCustom Date Range Time InputAlign preset and custom ranges with a time picker for consistent results.
Zone BuilderPrivilege Zone Management (Renamed)Navigate renamed Zone Builder with clearer rule/object tabs and labels.
Zone BuilderRules FormEnable/disable rules faster and separate direct vs expanded sample results.
Zone BuilderZone and Label FormsImproved layout, quotas messaging, and protected Tier Zero cues.
Data CollectionAzureHound ConfigurationUpdated region options reflect Microsoft’s removal of Azure Germany.
Data CollectionCertificate Abuse Collection StatusComputer status logs now capture CARegistry collection progress.

Fixed Issues

12 issues resolved across BloodHound and AzureHound.