惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

AI
AI
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Google DeepMind News
Google DeepMind News
T
Tenable Blog
博客园_首页
S
Securelist
Spread Privacy
Spread Privacy
Google Online Security Blog
Google Online Security Blog
Forbes - Security
Forbes - Security
Engineering at Meta
Engineering at Meta
U
Unit 42
L
LINUX DO - 热门话题
量子位
T
Threat Research - Cisco Blogs
博客园 - 【当耐特】
C
Cyber Attacks, Cyber Crime and Cyber Security
K
Kaspersky official blog
MyScale Blog
MyScale Blog
P
Proofpoint News Feed
The Last Watchdog
The Last Watchdog
Google DeepMind News
Google DeepMind News
GbyAI
GbyAI
Martin Fowler
Martin Fowler
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Security Latest
Security Latest
Scott Helme
Scott Helme
V
Vulnerabilities – Threatpost
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
I
InfoQ
Know Your Adversary
Know Your Adversary
Cisco Talos Blog
Cisco Talos Blog
The Register - Security
The Register - Security
T
The Blog of Author Tim Ferriss
aimingoo的专栏
aimingoo的专栏
V2EX - 技术
V2EX - 技术
T
Tailwind CSS Blog
月光博客
月光博客
Recent Announcements
Recent Announcements
G
Google Developers Blog
F
Full Disclosure
W
WeLiveSecurity
宝玉的分享
宝玉的分享
腾讯CDC
G
GRAHAM CLULEY
Vercel News
Vercel News
Simon Willison's Weblog
Simon Willison's Weblog
美团技术团队
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Help Net Security
Help Net Security

Company Updates Archives - SpecterOps

SpecterOps Selected for OpenAI’s Trusted Access for Cyber Program Introducing BloodHound Scentry: Accelerate Your Identity Attack Path Management Practice with Expert Guidance Fueling the Fight Against Identity Attacks Life at SpecterOps Part II: From Dream to Reality Life at SpecterOps: The Red Team Dream Final Steps to BloodHound Enterprise for Government— FedRAMP High Compliance BloodHound Community Edition: A New Era Introducing BloodHound 4.3 — Get Global Admin More Often Introducing BloodHound 4.2 — The Azure Refactor War In Ukraine Announcing Azure in BloodHound Enterprise AWS ReadOnlyAccess: Not Even Once The Attack Path Management Manifesto Introducing BloodHound 4.0: The Azure Update “Voting is not only our right — it is our power.” — Loung Ung SpecterOps Badge Life A Push Toward Transparency Announcing Our Formal Partnership with Palantir Introducing the Adversary Resilience Methodology — Part Two Introducing the Adversary Resilience Methodology — Part One Raphael’s Thoughts: SpecterOps acquires MINIS
SpecterOps and OpenAI: Helping to Build a New Security Frontier with Daybreak
Jared Atkinson · 2026-06-23 · via Company Updates Archives - SpecterOps

Today, OpenAI announced that it is expanding access to its frontier AI cybersecurity capabilities for a trusted circle of industry partners, including SpecterOps, through the OpenAI Daybreak Cyber Partner Program. Since April, SpecterOps has participated in the OpenAI Trusted Access for Cyber program (TAC), through which our researchers have access to advanced cyber-capable models for legitimate security use cases, helping us drive AI cyber innovation. Through the Daybreak Cyber Partner Program, we will work alongside OpenAI to bring the most advanced AI capabilities to our customers, taking a pragmatic approach to cyber defense informed by years of adversary tradecraft and threat research.  

Register for the SpecterOps + OpenAI AI Training Workshop during Black Hat USA 2026

Humans and AI each bring different strengths to cybersecurity 

For years, the conversation about AI in security has centered on replacement: will AI replace the analyst, the red teamer, the CISO? That question misses what is actually happening. The scale of modern enterprise environments has crossed a threshold where human analysis alone cannot keep up. An enterprise-scale organization today may have biillions of attack paths across Active Directory, Entra, Okta, and cloud infrastructure. Employees cycle in and out. Non-human identities multiply. Configuration decisions from five years ago persist in environments no one fully understands anymore. No analyst, no matter how experienced, can hold that graph in their head.  

AI has crossed a different threshold. It can handle the analysis layer at the speed and scale this problem demands. Now the opportunity is to pair that capability with the expertise and judgment of experienced practitioners to evaluate what risks the organization can tolerate, anticipate what an adversary would prioritize given the specific context of this environment, and determine when a technically valid remediation is operationally infeasible. This is the interface where SpecterOps is building and the expertise our team brings. 

Triage is the hard problem in attack path management  

BloodHound maps attack paths. It has done that well for years. The problem that remains is triage. 

When an environment surfaces millions or billions of attack paths, the question defenders face is not whether paths exist, but which paths matter most and in what order to close them. That question requires the model to reason from attacker logic, not just graph topology. An adversary does not take the shortest path from a foothold to a critical asset. They take the path that works given the specific conditions of the environment: what credentials are accessible, which systems are monitored, where trust relationships traverse domain or cloud boundaries, where privilege chains only become dangerous in combination. A prioritization model that reasons only from structure will give different answers than one that reasons from how attackers actually make decisions. That is what our red team does on every engagement. It is the frame we are building into BloodHound’s AI integrations through the TAC program. 

That is the direction we are accelerating toward with Daybreak. Concretely, we are focused on two areas: agent interactions with BloodHound that would surface prioritized remediation guidance — which attack paths carry the most risk, why, and what change eliminates them — and automated analysis to identify enclaves worth protecting, including correlated systems, dense identity groupings, and permission concentrations that indicate where an adversary would focus. Neither of those capabilities is useful if the model reasons only from structure; they require the model to reason from intent. 

Most organizations do not know what their environment actually looks like 

The second area we are exploring addresses a problem that is harder to name but equally consequential: configuration debt has accumulated to the point where many organizations cannot accurately characterize the shape of their own identity environment.  

This is not a failure of intent. It is a structural consequence of how environments grow. A security team inheriting a decade-old Active Directory deployment faces a graph shaped by hundreds of thousands of individual decisions, most undocumented, many made by people who no longer work at the organization. The result is a graph no one fully understands.  

To make this concrete: a PCI-compliant environment should have a defined enclave. In practice, PCI-tagged systems are frequently distributed across domains or non-adjacent network segments, often as a residue of acquisitions, migrations, or incremental changes that made sense individually and created structural exposure in aggregate. The right questions–where the enclave is, why is it spread that way, what does that distribution mean for an adversary with a foothold anywhere near it–rarely get asked because surfacing the answers requires analysis at a scale human review cannot sustain.  

We are exploring automated discovery of correlated systems, identity groupings, permission concentrations, and structural blind spots within BloodHound. The goal is to surface what matters most within an otherwise overwhelming graph, so the humans making remediation decisions are working from an accurate picture of the environment, not an assumed one.  

GhostWorks AI cyber innovation lab is pursuing a parallel research track  

GhostWorks, our AI cyber innovation lab, is applying OpenAI’s frontier cyber capabilities to a different problem set: automating reverse engineering of attacker tooling and implanted software to understand evasion techniques and improve endpoint coverage. That research runs inside GhostWorks’ operational environment and feeds back into the defensive work SpecterOps does across its services and platforms.  

Read more about Ghostworks here.   

Getting the controls right is part of the research  

Finally, SpecterOps is working with OpenAI to codify safety and abuse prevention standards for embedded AI access in security contexts alongside the capability research. AI capabilities embedded in security tooling carry meaningful risk if the access controls, output scoping, and monitoring are not designed correctly from the start. The structure of the access is part of what we are figuring out.  

Defense has always been constrained by the defender’s understanding of how adversaries operate. AI is compressing the time between initial access and material impact. Adversaries who use it well will move faster than defenders who don’t. That is the core premise behind SpecterOps joining OpenAI’s Trusted Access for Cyber program. By embedding OpenAI’s capabilities into our services and technology, we can extend the benefits of frontier AI to our customers without adding operational friction. And as a program partner, we are helping to establish what responsible, embedded AI access looks like at scale across the security industry.  

Post Views: 521