惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

酷 壳 – CoolShell
酷 壳 – CoolShell
GbyAI
GbyAI
SecWiki News
SecWiki News
Project Zero
Project Zero
C
Cisco Blogs
Simon Willison's Weblog
Simon Willison's Weblog
P
Privacy International News Feed
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Scott Helme
Scott Helme
A
Arctic Wolf
Security Latest
Security Latest
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
P
Privacy & Cybersecurity Law Blog
Apple Machine Learning Research
Apple Machine Learning Research
T
Tailwind CSS Blog
The Hacker News
The Hacker News
T
Tenable Blog
雷峰网
雷峰网
有赞技术团队
有赞技术团队
V
V2EX
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Threat Research - Cisco Blogs
T
Threatpost
AWS News Blog
AWS News Blog
L
LINUX DO - 热门话题
Application and Cybersecurity Blog
Application and Cybersecurity Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
S
SegmentFault 最新的问题
月光博客
月光博客
Spread Privacy
Spread Privacy
S
Secure Thoughts
宝玉的分享
宝玉的分享
博客园 - 三生石上(FineUI控件)
Forbes - Security
Forbes - Security
T
The Exploit Database - CXSecurity.com
G
GRAHAM CLULEY
The Last Watchdog
The Last Watchdog
Y
Y Combinator Blog
I
Intezer
博客园 - 【当耐特】
B
Blog RSS Feed
Attack and Defense Labs
Attack and Defense Labs
I
InfoQ
博客园 - 叶小钗
Cyberwarzone
Cyberwarzone
V2EX - 技术
V2EX - 技术
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Hugging Face - Blog
Hugging Face - Blog
H
Help Net Security
C
CERT Recently Published Vulnerability Notes

Company Updates Archives - SpecterOps

SpecterOps and OpenAI: Helping to Build a New Security Frontier with Daybreak Introducing BloodHound Scentry: Accelerate Your Identity Attack Path Management Practice with Expert Guidance Fueling the Fight Against Identity Attacks Life at SpecterOps Part II: From Dream to Reality Life at SpecterOps: The Red Team Dream Final Steps to BloodHound Enterprise for Government— FedRAMP High Compliance BloodHound Community Edition: A New Era Introducing BloodHound 4.3 — Get Global Admin More Often Introducing BloodHound 4.2 — The Azure Refactor War In Ukraine Announcing Azure in BloodHound Enterprise AWS ReadOnlyAccess: Not Even Once The Attack Path Management Manifesto Introducing BloodHound 4.0: The Azure Update “Voting is not only our right — it is our power.” — Loung Ung SpecterOps Badge Life A Push Toward Transparency Announcing Our Formal Partnership with Palantir Introducing the Adversary Resilience Methodology — Part Two Introducing the Adversary Resilience Methodology — Part One Raphael’s Thoughts: SpecterOps acquires MINIS
SpecterOps Selected for OpenAI’s Trusted Access for Cyber Program
Jared Atkinson · 2026-04-23 · via Company Updates Archives - SpecterOps

Key Takeaways 

  • SpecterOps has been named to OpenAI’s inaugural Trusted Access for Cyber (TAC) cohort (alongside Nvidia, CrowdStrike, JPMorgan Chase, and Bank of America and others) giving verified defenders governed access to advanced AI models for legitimate security use cases. 
  • Frontier AI is compressing the window between vulnerability discovery and exploitation. As adversaries use AI to move faster, detection alone is no longer sufficient. The more important question is what attackers can reach once they’re in, and whether those paths have already been closed. 
  • TAC enables SpecterOps to advance Identity Attack Path Management at machine speed, modeling how frontier AI reasons about chained permissions, lateral movement, and privilege escalation across AD, Entra, Okta, GitHub, and macOS environments. 

The News

On April 16, OpenAI announced its Trusted Access for Cyber (TAC) program, naming SpecterOps among the inaugural cohort alongside organizations including Nvidia, CrowdStrike, JPMorgan Chase, and Bank of America. TAC gives verified defenders governed access to advanced cyber-capable models for legitimate security use cases, with access scaled through identity verification and tiered controls. 

SpecterOps was selected because of our adversary tradecraft work: years of frontline experience with red teams and defenders at some of the largest enterprises and government agencies in the world, including OpenAI itself. We were also selected because of our pioneering approach to attack path management with BloodHound, which helps defenders eliminate the pathways to critical assets. The value we bring to this program goes beyond vulnerability discovery, with a focused understanding of what happens after a foothold is established, and the pathways attackers use to move laterally, escalate privilege, and reach critical assets. That distinction is why TAC matters to us. 

Learn more about the OpenAI Trusted Access for Cyber program 

Frontier models change the calculus for defenders 

For years, defenders have relied on the friction built into the offensive cycle. Finding an exploitable vulnerability takes time. Weaponizing it takes more. Moving from initial access to a high-value target requires navigating an environment that defenders understand better than the attacker does, at least at first. 

Frontier AI models like GPT-5.4-Codex promise to vastly accelerate the process of uncovering and patching vulnerabilities. At the same time, adversaries continue to get more effective at leveraging AI to exploit vulnerabilities, move laterally, accelerate privileges, and inflict damage. 

As the window between vulnerability and exploitation window gets smaller, detection alone is not enough. The more important question becomes: once an attacker gets in, what can they reach? And how do you foreclose those paths before the question becomes urgent? 

SpecterOps thinks like the adversary 

SpecterOps models enterprise environments the way attackers do. We don’t look at intended access. We show you where the rules bend and break. 

The attack paths we identify are not theoretical and rarely hinge on a single critical failure. A compromised developer account inherits GitHub permissions that expose CI secrets. A helpdesk role grants token access into Okta. Jamf, a device management platform, provides code execution on endpoints tied to privileged sessions. Individually, each permission may look reasonable but chained together they form a path to critical assets. 

What makes this problem difficult isn’t visibility into any one system – it’s understanding how permissions, identities, and trust relationships compound across platforms. That emergent risk is what adversaries exploit and what Identity Attack Path Management is designed to eliminate. 

OpenAI’s Trusted Access for Cyber program helps us research, understand, and model these relationships with speed and scale that enhances solutions like BloodHound to better manage them.  

BloodHound Enterprise now maps those cross-platform paths directly, with support for AD, Entra, Okta, GitHub, and macOS environments. With OpenGraph for BloodHound Enterprise, we continue to expand the identity platforms we map. The goal is to model not just what access was intended, but what control those permissions collectively afford when an adversary chains them together. TAC accelerates our ability to understand how frontier AI reasons about those same relationships, what paths it would identify or exploit, and what logic defenders need to close them. 

The question that matters 

As machine identities multiply and trust relationships compound across increasingly complex enterprise environments, it gets harder to answer the question of what happens when access is abused. That question also becomes much more consequential.  

TAC allows us to work at the same scale and speed as the threats we model. This is how defenders must operate going forward and why SpecterOps is shaping that future. 

Post Views: 5,096