From 4cc92ed2a75a842a2ad81675f41a38319612f920 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 12:05:24 -0500 Subject: [PATCH 01/28] wip: initial draft of v9.3.0 release notes --- docs/docs.json | 3 +- docs/resources/release-notes/2026-06-16.mdx | 177 ++++++++++++++++++++ 2 files changed, 179 insertions(+), 1 deletion(-) create mode 100644 docs/resources/release-notes/2026-06-16.mdx diff --git a/docs/docs.json b/docs/docs.json index 0e5442f2..fc307eb1 100644 --- a/docs/docs.json +++ b/docs/docs.json @@ -880,14 +880,15 @@ "group": "Release Notes", "pages": [ "resources/release-notes/summary", + "resources/release-notes/2026-06-16", "resources/release-notes/2026-05-28", - "resources/release-notes/2026-05-06", { "group": "Archive", "pages": [ { "group": "2026", "pages": [ + "resources/release-notes/2026-05-06", "resources/release-notes/2026-04-13", "resources/release-notes/2026-03-23", "resources/release-notes/2026-03-04", diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx new file mode 100644 index 00000000..9fb05865 --- /dev/null +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -0,0 +1,177 @@ +--- +title: 2026-06-16 Release Notes +description: Learn about new features, enhancements, and fixed issues in BloodHound. +sidebarTitle: "2026-06-16" +--- + +{/* TODO: Confirm whether to publish BED-8516, BED-8389, and BED-8357 as part of this release. The attached CSV exports list them as In Review or In Progress. */} + +| | | | | | +| --- | --- | --- | --- | --- | +| **Release** | **BloodHound** | **OpenHound** | **SharpHound** | **AzureHound** | +| 2026-06-16 | v9.3.0 | v0.2.0 | No release | v2.12.2 | + + + Use the filters on the right side of this page to narrow down the updates by component. You can select multiple filters at the same time to refine your results. + + + + {/*BED-8516*/} + ## API-Only Account Support for JAMF + + Authenticate to JAMF using API-only accounts instead of requiring local user accounts with username and password credentials. + + This enhancement improves security posture and compliance by eliminating the need for locally provisioned Auditor accounts that are exempt from SSO and multifactor authentication. API-only accounts provide the necessary permissions with a narrower scope, aligning with enterprise security policies and government agency compliance requirements. + + + + {/*BED-8357*/} + ## GitHub Enterprise SSO Support + + Connect OpenHound to GitHub Enterprise environments that enforce single sign-on at the enterprise level. + + This update addresses authentication failures in GitHub Enterprise environments where SSO blocked OpenHound from accessing customer repositories through the configured GitHub App. + + + + {/*BED-8336*/} + ## Reduced Read User Permissions for Non-Administrator Roles + + Experience improved security with reduced read permissions for non-administrator roles, limiting access to sensitive user data and API endpoints. + + This change addresses the Auditor role's inability to read certain APIs by implementing a more granular permission model. Non-administrator users now have access only to the endpoints and data necessary for their role, reducing the attack surface and improving overall platform security. + + + + {/*BED-8277*/} + ## Embedded SpecterOps Extension Schemas + + BloodHound now embeds SpecterOps-supported extension schemas directly in the product build. + + This update streamlines extension management by making supported schemas available without requiring a separate installation workflow, while still supporting newer extension versions as they become available. + + + + {/*BED-8246*/} + ## Full Path Highlighting in Explore + + Highlight every inbound and outbound path that traverses the selected node in Explore instead of limiting the view to a single hop. + + Full path highlighting is enabled by default and can be toggled to a one-hop view, making it easier to understand how a node participates in longer attack paths. + + + + {/*BED-8234*/} + ## Namespace Keys on the OpenGraph Management Page + + View each extension's namespace key directly on the **OpenGraph Management** page. + + This update makes it easier to identify the correct namespace prefix for extension-defined object types when you validate installations or search for extension data. + + + + {/*BED-8233*/} + ## Namespace Keys in `GET /extensions` + + The `GET /extensions` endpoint now includes each extension's namespace key in its response. + + This change gives the API and the **OpenGraph Management** page the information needed to expose the namespace prefix used for extension-defined node types. + + + + {/*BED-8207*/} + ## Updated Privilege Zone Names in Posture + + Posture now uses **Privilege Zones** terminology in the Attack Paths table instead of older **Tier Zero** naming. + + This update keeps Posture labels aligned with the current privilege zone experience across the product. + + + + {/*BED-8186*/} + ## Search Across Privilege Zone Certifications + + Search across all objects in privilege zone certification states from the certifications page. + + This improvement helps you confirm whether a specific object is already present in a zone without checking each certification state separately. + + + + {/*BED-7765*/} + ## Auditor Access Improvements for Users and Clients + + Auditors can now view the **Manage Users** and **Manage Clients** tables without requiring the permissions needed to create or modify those resources. + + This update separates table-read access from administrative actions such as **Create User**, **Create Client**, and menu-based management tasks. + + + + {/*BED-7263*/} + ## Expanded Audit Logging for Risky Actions + + Audit logs now capture additional high-risk user actions, including running Cypher queries, editing collector clients or schedules, and launching on-demand collections. + + This change improves visibility into sensitive operator actions for security reviews and compliance workflows. + + + + {/*BED-7226*/} + ## Improved Data Table Accessibility + + Data tables now provide more accessible headers, sorting behavior, keyboard navigation, and screen reader announcements. + + This update improves table usability across supported browsers and helps align the experience with WCAG 2.1 accessibility requirements. + + + + {/*BED-7082*/} + ## Increased Memory Limits for User Queries + + BloodHound now supports higher memory limits for user-submitted queries. + + This change raises the default user query memory ceiling from 1 GB to 2 GB and carries that limit through the PG DAWGS driver, improving support for more demanding query workloads. + + + + {/*BED-6272*/} + ## Smarter Default Views for Query Results + + BloodHound now selects a more contextually relevant default view when query results return only nodes and you have not chosen a sticky layout. + + This update improves table-view behavior while still preserving explicit layout selections when you manually choose how results should display. + + + + {/*BED-5230*/} + ## Tier and Label Row Improvements + + Tier and label rows now provide a richer management layout with drag handles, summary metrics, and context-specific action controls. + + This update improves the row-level experience for multi-zone management workflows by making ordering and navigation controls easier to access. + + + + ## API + + - {/*BED-6775*/} Resolved an issue where Composition and Relay Target lists on several ADCS edges (`CoerceAndRelayNTLMToADCS`, `CoerceAndRelayNTLMToSMB`, `ADCSESC1`, `ADCSESC3`) failed to populate, returning empty node and edge data. + - {/*BED-7088*/} Resolved an issue where the `POST /selectors-preview` endpoint did not return the `source` enum for nodes, preventing clients from distinguishing seed, child, and parent results. + + ## Explore and Cypher + + - {/*BED-7759*/} Fixed an issue where editing a saved query while another query was selected displayed the wrong query in the edit box, potentially causing you to overwrite the wrong saved query. + - {/*BED-8360*/} Fixed a performance issue where reusing Cypher query variables caused queries to run significantly slower instead of making them more restrictive as intended. + + ## Posture + + - {/*BED-8392*/} Resolved an issue where enabling **Logarithmic Chart Scale** caused the **Historical Findings** and **Total Attack Paths** charts to go blank, with chart axes and datapoints disappearing completely. + + + + - {/*BED-8176*/} Resolved an issue where hosted `edge-*` AzureHound container images embedded an invalid collector version string (`v0.0.0-rolling++docker`), preventing successful data uploads to BloodHound Enterprise. + + The version string did not comply with BloodHound Enterprise's semver validation rules implemented in April 2026, causing uploads to return `400 Bad Request` with "This client is unsupported: error parsing client version string". Container images now use proper semantic versioning. + + + + {/*BED-8389*/} Resolved an issue where the OpenHound Okta Collector appeared to connect successfully but returned incomplete data, with relevant Okta-based saved queries returning no results. + From 98a571cd8d0c40b00efea2ad4907ff1fa476f4a1 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 12:24:21 -0500 Subject: [PATCH 02/28] wip: removed old, mis-tagged issue for PZM --- docs/resources/release-notes/2026-06-16.mdx | 95 ++++++++++----------- 1 file changed, 46 insertions(+), 49 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 9fb05865..12c66486 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -42,24 +42,6 @@ sidebarTitle: "2026-06-16" This change addresses the Auditor role's inability to read certain APIs by implementing a more granular permission model. Non-administrator users now have access only to the endpoints and data necessary for their role, reducing the attack surface and improving overall platform security. - - {/*BED-8277*/} - ## Embedded SpecterOps Extension Schemas - - BloodHound now embeds SpecterOps-supported extension schemas directly in the product build. - - This update streamlines extension management by making supported schemas available without requiring a separate installation workflow, while still supporting newer extension versions as they become available. - - - - {/*BED-8246*/} - ## Full Path Highlighting in Explore - - Highlight every inbound and outbound path that traverses the selected node in Explore instead of limiting the view to a single hop. - - Full path highlighting is enabled by default and can be toggled to a one-hop view, making it easier to understand how a node participates in longer attack paths. - - {/*BED-8234*/} ## Namespace Keys on the OpenGraph Management Page @@ -69,33 +51,6 @@ sidebarTitle: "2026-06-16" This update makes it easier to identify the correct namespace prefix for extension-defined object types when you validate installations or search for extension data. - - {/*BED-8233*/} - ## Namespace Keys in `GET /extensions` - - The `GET /extensions` endpoint now includes each extension's namespace key in its response. - - This change gives the API and the **OpenGraph Management** page the information needed to expose the namespace prefix used for extension-defined node types. - - - - {/*BED-8207*/} - ## Updated Privilege Zone Names in Posture - - Posture now uses **Privilege Zones** terminology in the Attack Paths table instead of older **Tier Zero** naming. - - This update keeps Posture labels aligned with the current privilege zone experience across the product. - - - - {/*BED-8186*/} - ## Search Across Privilege Zone Certifications - - Search across all objects in privilege zone certification states from the certifications page. - - This improvement helps you confirm whether a specific object is already present in a zone without checking each certification state separately. - - {/*BED-7765*/} ## Auditor Access Improvements for Users and Clients @@ -123,6 +78,24 @@ sidebarTitle: "2026-06-16" This update improves table usability across supported browsers and helps align the experience with WCAG 2.1 accessibility requirements. + + {/*BED-8233*/} + ## Namespace Keys in `GET /extensions` + + The `GET /extensions` endpoint now includes each extension's namespace key in its response. + + This change gives the API and the **OpenGraph Management** page the information needed to expose the namespace prefix used for extension-defined node types. + + + + {/*BED-8246*/} + ## Full Path Highlighting in Explore + + Highlight every inbound and outbound path that traverses the selected node in Explore instead of limiting the view to a single hop. + + Full path highlighting is enabled by default and can be toggled to a one-hop view, making it easier to understand how a node participates in longer attack paths. + + {/*BED-7082*/} ## Increased Memory Limits for User Queries @@ -141,13 +114,37 @@ sidebarTitle: "2026-06-16" This update improves table-view behavior while still preserving explicit layout selections when you manually choose how results should display. + + {/*BED-8277*/} + ## Embedded SpecterOps Extension Schemas + + BloodHound Enterprise logo + + BloodHound now embeds SpecterOps-supported extension schemas directly in the product build. + + This update streamlines extension management by making supported schemas available without requiring a separate installation workflow, while still supporting newer extension versions as they become available. + + - {/*BED-5230*/} - ## Tier and Label Row Improvements + {/*BED-8207*/} + ## Updated Privilege Zone Names in Posture - Tier and label rows now provide a richer management layout with drag handles, summary metrics, and context-specific action controls. + BloodHound Enterprise logo - This update improves the row-level experience for multi-zone management workflows by making ordering and navigation controls easier to access. + Posture now uses **Privilege Zones** terminology in the Attack Paths table instead of older **Tier Zero** naming. + + This update keeps Posture labels aligned with the current privilege zone experience across the product. + + + + {/*BED-8186*/} + ## Search Across Privilege Zone Certifications + + BloodHound Enterprise logo + + Search across all objects in privilege zone certification states from the certifications page. + + This improvement helps you confirm whether a specific object is already present in a zone without checking each certification state separately. From 82a4b2fa91a4cc30a31712f122126d2db75f1cf5 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 12:40:21 -0500 Subject: [PATCH 03/28] wip: removed old AzureHound fixed issue --- docs/resources/release-notes/2026-06-16.mdx | 6 ------ 1 file changed, 6 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 12c66486..57eba165 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -163,12 +163,6 @@ sidebarTitle: "2026-06-16" - {/*BED-8392*/} Resolved an issue where enabling **Logarithmic Chart Scale** caused the **Historical Findings** and **Total Attack Paths** charts to go blank, with chart axes and datapoints disappearing completely. - - - {/*BED-8176*/} Resolved an issue where hosted `edge-*` AzureHound container images embedded an invalid collector version string (`v0.0.0-rolling++docker`), preventing successful data uploads to BloodHound Enterprise. - - The version string did not comply with BloodHound Enterprise's semver validation rules implemented in April 2026, causing uploads to return `400 Bad Request` with "This client is unsupported: error parsing client version string". Container images now use proper semantic versioning. - - {/*BED-8389*/} Resolved an issue where the OpenHound Okta Collector appeared to connect successfully but returned incomplete data, with relevant Okta-based saved queries returning no results. From e15ecdd313aa62e0f4da3e75d58daef434b401f7 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 13:27:32 -0500 Subject: [PATCH 04/28] wip: add no-op stub for AzureHound --- docs/resources/release-notes/2026-06-16.mdx | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 57eba165..cda5cd86 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -153,14 +153,21 @@ sidebarTitle: "2026-06-16" - {/*BED-6775*/} Resolved an issue where Composition and Relay Target lists on several ADCS edges (`CoerceAndRelayNTLMToADCS`, `CoerceAndRelayNTLMToSMB`, `ADCSESC1`, `ADCSESC3`) failed to populate, returning empty node and edge data. - {/*BED-7088*/} Resolved an issue where the `POST /selectors-preview` endpoint did not return the `source` enum for nodes, preventing clients from distinguishing seed, child, and parent results. - ## Explore and Cypher + ## Cypher - {/*BED-7759*/} Fixed an issue where editing a saved query while another query was selected displayed the wrong query in the edit box, potentially causing you to overwrite the wrong saved query. - {/*BED-8360*/} Fixed a performance issue where reusing Cypher query variables caused queries to run significantly slower instead of making them more restrictive as intended. ## Posture - - {/*BED-8392*/} Resolved an issue where enabling **Logarithmic Chart Scale** caused the **Historical Findings** and **Total Attack Paths** charts to go blank, with chart axes and datapoints disappearing completely. + BloodHound Enterprise logo + + {/*BED-8392*/} Resolved an issue where enabling **Logarithmic Chart Scale** caused the **Historical Findings** and **Total Attack Paths** charts to go blank, with chart axes and datapoints disappearing completely. + + + + {/*no-op-jiras*/} Resolved issues with the AzureHound build and release process. + From 15f0f773c8ade7a678945090104005a159a27e13 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 14:07:24 -0500 Subject: [PATCH 05/28] wip: copyedit jamf api client feature --- docs/resources/release-notes/2026-06-16.mdx | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index cda5cd86..b78f2f5d 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -17,11 +17,11 @@ sidebarTitle: "2026-06-16" {/*BED-8516*/} - ## API-Only Account Support for JAMF + ## Jamf API Client Authentication - Authenticate to JAMF using API-only accounts instead of requiring local user accounts with username and password credentials. + Authenticate the OpenHound Jamf collector with a Jamf Pro API client instead of relying on a Jamf user account and password. - This enhancement improves security posture and compliance by eliminating the need for locally provisioned Auditor accounts that are exempt from SSO and multifactor authentication. API-only accounts provide the necessary permissions with a narrower scope, aligning with enterprise security policies and government agency compliance requirements. + This update adds support for Jamf [API clients](/openhound/collectors/jamf/collect-data) as the recommended authentication method. API clients are not tied to a user account, can be scoped to a dedicated API role, and can be rotated or revoked independently, making them a better fit for production environments and least-privilege access. @@ -171,5 +171,5 @@ sidebarTitle: "2026-06-16" - {/*BED-8389*/} Resolved an issue where the OpenHound Okta Collector appeared to connect successfully but returned incomplete data, with relevant Okta-based saved queries returning no results. + {/*BED-8389*/} Resolved an issue where the the OpenHound Okta collector appeared to connect successfully but returned incomplete data, with relevant Okta-based saved queries returning no results. From 66fc1962efa1b3ea0d1a7c91fc2df85f38d8e77a Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 14:22:07 -0500 Subject: [PATCH 06/28] chore: moved AzureHound fixed issue to latest release --- docs/resources/release-notes/2026-05-28.mdx | 8 -------- docs/resources/release-notes/2026-06-16.mdx | 13 +++++++------ 2 files changed, 7 insertions(+), 14 deletions(-) diff --git a/docs/resources/release-notes/2026-05-28.mdx b/docs/resources/release-notes/2026-05-28.mdx index d5ed6563..f0a9c296 100644 --- a/docs/resources/release-notes/2026-05-28.mdx +++ b/docs/resources/release-notes/2026-05-28.mdx @@ -179,11 +179,3 @@ sidebarTitle: "2026-05-28" - {/*BED-6632*/} Resolved an issue where local principal kinds were labeled inconsistently, which could lead to incorrect handling of local group and local user objects. - {/*BED-7625*/} Resolved an issue where [`AllowedToDelegate`](/resources/edges/allowed-to-delegate) edges were not created when `msDS-AllowedToDelegateTo` values existed but specific delegation flags were not set. - - - ## Collection Compatibility - - BloodHound Enterprise logo - - {/*BED-8176*/} Resolved an issue for hosted `edge-*` AzureHound container images where an invalid collector version string caused BloodHound to reject uploads from the collector as unsupported. - diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index b78f2f5d..a55c6114 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -30,7 +30,7 @@ sidebarTitle: "2026-06-16" Connect OpenHound to GitHub Enterprise environments that enforce single sign-on at the enterprise level. - This update addresses authentication failures in GitHub Enterprise environments where SSO blocked OpenHound from accessing customer repositories through the configured GitHub App. + This update addresses authentication failures in GitHub Enterprise environments where SSO blocked OpenHound from accessing repositories through the configured GitHub App. @@ -165,11 +165,12 @@ sidebarTitle: "2026-06-16" {/*BED-8392*/} Resolved an issue where enabling **Logarithmic Chart Scale** caused the **Historical Findings** and **Total Attack Paths** charts to go blank, with chart axes and datapoints disappearing completely. - - {/*no-op-jiras*/} Resolved issues with the AzureHound build and release process. - - - {/*BED-8389*/} Resolved an issue where the the OpenHound Okta collector appeared to connect successfully but returned incomplete data, with relevant Okta-based saved queries returning no results. + + + BloodHound Enterprise logo + + {/*BED-8176*/} Resolved an issue for hosted `edge-*` AzureHound container images where an invalid collector version string caused BloodHound to reject uploads from the collector as unsupported. + From d81bcfa0ced1cd4cc73249811c69ba8e0751744c Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 14:41:35 -0500 Subject: [PATCH 07/28] wip: copyedit fixed issue descriptions --- docs/assets/opengraph/opengraph-node.json | 2 +- docs/opengraph/developer/nodes.mdx | 2 +- docs/resources/release-notes/2026-06-16.mdx | 10 +++++++--- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/docs/assets/opengraph/opengraph-node.json b/docs/assets/opengraph/opengraph-node.json index 4dbcef0c..73b3f3f4 100644 --- a/docs/assets/opengraph/opengraph-node.json +++ b/docs/assets/opengraph/opengraph-node.json @@ -37,7 +37,7 @@ "kinds": { "type": ["array"], "items": { "type": "string" }, - "minItems": 1, + "minItems": 0, "maxItems": 3, "description": "An array of kind labels for the node. The first element is treated as the node's primary kind and is used to determine which icon to display in the graph UI. This primary kind is only used for visual representation and has no semantic significance for data processing." } diff --git a/docs/opengraph/developer/nodes.mdx b/docs/opengraph/developer/nodes.mdx index 7a63aa56..2d8864b7 100644 --- a/docs/opengraph/developer/nodes.mdx +++ b/docs/opengraph/developer/nodes.mdx @@ -189,7 +189,7 @@ Use the following JSON schema for validation requirements. You can also download "kinds": { "type": ["array"], "items": { "type": "string" }, - "minItems": 1, + "minItems": 0, "maxItems": 3, "description": "An array of kind labels for the node. The first element is treated as the node's primary kind and is used to determine which icon to display in the graph UI. This primary kind is only used for visual representation and has no semantic significance for data processing." } diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index a55c6114..9e98a45a 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -150,8 +150,12 @@ sidebarTitle: "2026-06-16" ## API - - {/*BED-6775*/} Resolved an issue where Composition and Relay Target lists on several ADCS edges (`CoerceAndRelayNTLMToADCS`, `CoerceAndRelayNTLMToSMB`, `ADCSESC1`, `ADCSESC3`) failed to populate, returning empty node and edge data. - - {/*BED-7088*/} Resolved an issue where the `POST /selectors-preview` endpoint did not return the `source` enum for nodes, preventing clients from distinguishing seed, child, and parent results. + - {/*BED-6775*/} Resolved an issue where the **Composition** and **Relay Target** Entity panel accordions did not populate for several ADCS edges, causing the related node and edge data to appear empty. + - [CoerceAndRelayNTLMToADCS](/resources/edges/coerce-and-relay-ntlm-to-adcs) + - [CoerceAndRelayNTLMToSMB](/resources/edges/coerce-and-relay-ntlm-to-smb) + - [ADCSESC1](/resources/edges/adcs-esc1) + - [ADCSESC3](/resources/edges/adcs-esc3) + - {/*BED-7088*/} Resolved an issue where the [POST `/api/v2/asset-group-tags/preview-selectors`](/reference/asset-isolation/preview-selectors) endpoint did not return the `source` enum for nodes, preventing clients from distinguishing seed, child, and parent results. ## Cypher @@ -162,7 +166,7 @@ sidebarTitle: "2026-06-16" BloodHound Enterprise logo - {/*BED-8392*/} Resolved an issue where enabling **Logarithmic Chart Scale** caused the **Historical Findings** and **Total Attack Paths** charts to go blank, with chart axes and datapoints disappearing completely. + {/*BED-8392*/} Resolved an issue where enabling **Logarithmic Chart Scale** caused the **Historical Findings** and **Total Attack Paths** charts to go blank. From 148d912140d32b28a4a07cff960c643cccd69a5c Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 15:42:02 -0500 Subject: [PATCH 08/28] wip: copyedit administration enhancements --- docs/resources/release-notes/2026-06-16.mdx | 46 ++++++++++----------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 9e98a45a..dd6d6411 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -4,8 +4,6 @@ description: Learn about new features, enhancements, and fixed issues in BloodHo sidebarTitle: "2026-06-16" --- -{/* TODO: Confirm whether to publish BED-8516, BED-8389, and BED-8357 as part of this release. The attached CSV exports list them as In Review or In Progress. */} - | | | | | | | --- | --- | --- | --- | --- | | **Release** | **BloodHound** | **OpenHound** | **SharpHound** | **AzureHound** | @@ -35,36 +33,29 @@ sidebarTitle: "2026-06-16" {/*BED-8336*/} - ## Reduced Read User Permissions for Non-Administrator Roles + ## Reduced Read Permissions for Non-Administrator Roles - Experience improved security with reduced read permissions for non-administrator roles, limiting access to sensitive user data and API endpoints. + Read access for the **User**, **Power User**, and **Read-only** roles has been reduced to limit exposure to sensitive user data and administrative API endpoints. - This change addresses the Auditor role's inability to read certain APIs by implementing a more granular permission model. Non-administrator users now have access only to the endpoints and data necessary for their role, reducing the attack surface and improving overall platform security. - - - - {/*BED-8234*/} - ## Namespace Keys on the OpenGraph Management Page - - View each extension's namespace key directly on the **OpenGraph Management** page. - - This update makes it easier to identify the correct namespace prefix for extension-defined object types when you validate installations or search for extension data. + This update refines the permission model for administration-related APIs so these roles retain access only to the endpoints and data required for their supported workflows. + + For example, these roles can use the [List Users Minimal](/reference/bloodhound-users/list-users-minimal) endpoint to read user data, but cannot access sensitive information through the broader [List Users](/reference/bloodhound-users/list-users) endpoint. {/*BED-7765*/} ## Auditor Access Improvements for Users and Clients - Auditors can now view the **Manage Users** and **Manage Clients** tables without requiring the permissions needed to create or modify those resources. + Users with the **Auditor** role can now view the **Manage Users** and **Manage Clients** tables without requiring the permissions needed to create or modify those resources. - This update separates table-read access from administrative actions such as **Create User**, **Create Client**, and menu-based management tasks. + This update adds read-only access to those management views while keeping administrative actions such as **Create User**, **Create Client**, and other modification workflows restricted to the **Admin** role. {/*BED-7263*/} ## Expanded Audit Logging for Risky Actions - Audit logs now capture additional high-risk user actions, including running Cypher queries, editing collector clients or schedules, and launching on-demand collections. + [Audit logs](/reference/audit/list-audit-logs) now capture additional high-risk user actions, including running Cypher queries, editing collector clients or schedules, and running on-demand collections. This change improves visibility into sensitive operator actions for security reviews and compliance workflows. @@ -96,6 +87,15 @@ sidebarTitle: "2026-06-16" Full path highlighting is enabled by default and can be toggled to a one-hop view, making it easier to understand how a node participates in longer attack paths. + + {/*BED-6272*/} + ## Smarter Default Views for Query Results + + BloodHound now selects a more contextually relevant default view when query results return only nodes and you have not chosen a sticky layout. + + This update improves table-view behavior while still preserving explicit layout selections when you manually choose how results should display. + + {/*BED-7082*/} ## Increased Memory Limits for User Queries @@ -105,17 +105,17 @@ sidebarTitle: "2026-06-16" This change raises the default user query memory ceiling from 1 GB to 2 GB and carries that limit through the PG DAWGS driver, improving support for more demanding query workloads. - - {/*BED-6272*/} - ## Smarter Default Views for Query Results + + {/*BED-8234*/} + ## Namespace Keys on the OpenGraph Management Page - BloodHound now selects a more contextually relevant default view when query results return only nodes and you have not chosen a sticky layout. + View each extension's namespace key directly on the **OpenGraph Management** page. - This update improves table-view behavior while still preserving explicit layout selections when you manually choose how results should display. + This update makes it easier to identify the correct namespace prefix for extension-defined object types when you validate installations or search for extension data. - {/*BED-8277*/} + {/*BED-8277*/} ## Embedded SpecterOps Extension Schemas BloodHound Enterprise logo From bd0200b389647521baa2914b8853d3a2ae47714f Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 16:18:35 -0500 Subject: [PATCH 09/28] wip: add TODOs for enhancements that require supporting doc updates --- docs/resources/release-notes/2026-06-16.mdx | 48 +++++++++++---------- 1 file changed, 26 insertions(+), 22 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index dd6d6411..2fe46f8f 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -70,18 +70,32 @@ sidebarTitle: "2026-06-16" - {/*BED-8233*/} + {/*BED-8233,BED-8234*/} ## Namespace Keys in `GET /extensions` - The `GET /extensions` endpoint now includes each extension's namespace key in its response. + The [List OpenGraph Extensions Information](/reference/opengraph-experimental/list-opengraph-extensions-information) endpoint now includes each extension's [`namespace`](/opengraph/developer/graph-definition#param-namespace) key in its response body. - This change gives the API and the **OpenGraph Management** page the information needed to expose the namespace prefix used for extension-defined node types. + This change gives the API and the [OpenGraph Management](/opengraph/extensions/manage) page the information needed to expose the namespace prefix used for extension-defined node types. + + + + {/*BED-7082*/} + ## Increased Memory Limits + + TODO: Update user guide (bhe.config.json) and refine this description. + + BloodHound now supports higher memory limits for user-submitted queries. + + This change raises the default user query memory ceiling from 1GB to 2GB, improving support for more demanding query workloads. {/*BED-8246*/} + ## Full Path Highlighting in Explore + TODO: Update user guide and refine this description. + Highlight every inbound and outbound path that traverses the selected node in Explore instead of limiting the view to a single hop. Full path highlighting is enabled by default and can be toggled to a one-hop view, making it easier to understand how a node participates in longer attack paths. @@ -91,33 +105,19 @@ sidebarTitle: "2026-06-16" {/*BED-6272*/} ## Smarter Default Views for Query Results + TODO: Update user guide and refine this description. + BloodHound now selects a more contextually relevant default view when query results return only nodes and you have not chosen a sticky layout. This update improves table-view behavior while still preserving explicit layout selections when you manually choose how results should display. - - {/*BED-7082*/} - ## Increased Memory Limits for User Queries - - BloodHound now supports higher memory limits for user-submitted queries. - - This change raises the default user query memory ceiling from 1 GB to 2 GB and carries that limit through the PG DAWGS driver, improving support for more demanding query workloads. - - - - {/*BED-8234*/} - ## Namespace Keys on the OpenGraph Management Page - - View each extension's namespace key directly on the **OpenGraph Management** page. - - This update makes it easier to identify the correct namespace prefix for extension-defined object types when you validate installations or search for extension data. - - {/*BED-8277*/} ## Embedded SpecterOps Extension Schemas + TODO: Update user guide and refine this description. + BloodHound Enterprise logo BloodHound now embeds SpecterOps-supported extension schemas directly in the product build. @@ -129,6 +129,8 @@ sidebarTitle: "2026-06-16" {/*BED-8207*/} ## Updated Privilege Zone Names in Posture + TODO: Determine whether this is actually shipping. If so, probably just requires updating screenshots. + BloodHound Enterprise logo Posture now uses **Privilege Zones** terminology in the Attack Paths table instead of older **Tier Zero** naming. @@ -140,6 +142,8 @@ sidebarTitle: "2026-06-16" {/*BED-8186*/} ## Search Across Privilege Zone Certifications + TODO: Update user guide and GIF and refine this description. + BloodHound Enterprise logo Search across all objects in privilege zone certification states from the certifications page. @@ -155,7 +159,7 @@ sidebarTitle: "2026-06-16" - [CoerceAndRelayNTLMToSMB](/resources/edges/coerce-and-relay-ntlm-to-smb) - [ADCSESC1](/resources/edges/adcs-esc1) - [ADCSESC3](/resources/edges/adcs-esc3) - - {/*BED-7088*/} Resolved an issue where the [POST `/api/v2/asset-group-tags/preview-selectors`](/reference/asset-isolation/preview-selectors) endpoint did not return the `source` enum for nodes, preventing clients from distinguishing seed, child, and parent results. + - {/*BED-7088*/} Resolved an issue where the [Preview selectors](/reference/asset-isolation/preview-selectors) endpoint did not return the `source` enum for nodes, preventing clients from distinguishing seed, child, and parent results. ## Cypher From 358a02510303d86c7f2919646f6daffc697f6659 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 8 Jun 2026 16:53:31 -0500 Subject: [PATCH 10/28] chore: removed mis-tagged issues --- docs/resources/release-notes/2026-06-16.mdx | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 2fe46f8f..72668c91 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -78,17 +78,6 @@ sidebarTitle: "2026-06-16" This change gives the API and the [OpenGraph Management](/opengraph/extensions/manage) page the information needed to expose the namespace prefix used for extension-defined node types. - - {/*BED-7082*/} - ## Increased Memory Limits - - TODO: Update user guide (bhe.config.json) and refine this description. - - BloodHound now supports higher memory limits for user-submitted queries. - - This change raises the default user query memory ceiling from 1GB to 2GB, improving support for more demanding query workloads. - - {/*BED-8246*/} @@ -159,8 +148,7 @@ sidebarTitle: "2026-06-16" - [CoerceAndRelayNTLMToSMB](/resources/edges/coerce-and-relay-ntlm-to-smb) - [ADCSESC1](/resources/edges/adcs-esc1) - [ADCSESC3](/resources/edges/adcs-esc3) - - {/*BED-7088*/} Resolved an issue where the [Preview selectors](/reference/asset-isolation/preview-selectors) endpoint did not return the `source` enum for nodes, preventing clients from distinguishing seed, child, and parent results. - + ## Cypher - {/*BED-7759*/} Fixed an issue where editing a saved query while another query was selected displayed the wrong query in the edit box, potentially causing you to overwrite the wrong saved query. From e7dceca1f33d189463527e8a00895ecb3df89901 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 09:17:50 -0500 Subject: [PATCH 11/28] wip: copyedit full-path highlighting --- docs/resources/release-notes/2026-06-16.mdx | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 72668c91..e61581ef 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -81,13 +81,11 @@ sidebarTitle: "2026-06-16" {/*BED-8246*/} - ## Full Path Highlighting in Explore + ## Full-Path Highlighting - TODO: Update user guide and refine this description. - - Highlight every inbound and outbound path that traverses the selected node in Explore instead of limiting the view to a single hop. + When you select a node in the graph, BloodHound now dims paths that do not traverse the selected node. This includes inbound and outbound object control, making it easier to isolate how a node participates in longer Attack Paths. - Full path highlighting is enabled by default and can be toggled to a one-hop view, making it easier to understand how a node participates in longer attack paths. + Full-path highlighting is enabled by default. See [Object interaction](/analyze-data//explore/search#object-interaction) for more information. From f338866eed19cae5e347348ca207134f37af581e Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 10:18:31 -0500 Subject: [PATCH 12/28] wip: copyedit layout defaults --- docs/resources/release-notes/2026-06-16.mdx | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index e61581ef..3873fa1b 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -90,13 +90,15 @@ sidebarTitle: "2026-06-16" {/*BED-6272*/} - ## Smarter Default Views for Query Results - TODO: Update user guide and refine this description. + ## Smarter layout defaults for Cypher results + + BloodHound now automatically opens the **Table** layout when a Cypher query returns multiple nodes with no edges and you haven't chosen a layout. This makes it easier to scan, sort, and export node-only results without manually switching layouts. + + Your explicit layout selections are always preserved. If you've chosen a layout, BloodHound keeps it regardless of result shape and doesn't auto-open the **Table** layout. Closing the **Table** layout when you have an explicit layout selected returns you to that layout; closing it with no layout selected returns you to your edition default. - BloodHound now selects a more contextually relevant default view when query results return only nodes and you have not chosen a sticky layout. + See [Visualization options](/analyze-data/explore/search#visualization-options) for a full breakdown of layout selection behavior. - This update improves table-view behavior while still preserving explicit layout selections when you manually choose how results should display. From 046235cb125d4539b8a8677dea34e7d62bc87ea1 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 10:26:52 -0500 Subject: [PATCH 13/28] wip: copyedit layout defaults --- docs/resources/release-notes/2026-06-16.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 3873fa1b..4bdbd99a 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -95,7 +95,7 @@ sidebarTitle: "2026-06-16" BloodHound now automatically opens the **Table** layout when a Cypher query returns multiple nodes with no edges and you haven't chosen a layout. This makes it easier to scan, sort, and export node-only results without manually switching layouts. - Your explicit layout selections are always preserved. If you've chosen a layout, BloodHound keeps it regardless of result shape and doesn't auto-open the **Table** layout. Closing the **Table** layout when you have an explicit layout selected returns you to that layout; closing it with no layout selected returns you to your edition default. + Your explicit layout selections are always preserved. If you've chosen a layout, BloodHound keeps it regardless of result shape and doesn't auto-open the **Table** layout. See [Visualization options](/analyze-data/explore/search#visualization-options) for a full breakdown of layout selection behavior. From ae7d6cb31ebc8201459d28017ba1a361f14e32f4 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 10:35:07 -0500 Subject: [PATCH 14/28] wip: minor copyediting --- docs/resources/release-notes/2026-06-16.mdx | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 4bdbd99a..4b177e87 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -44,7 +44,7 @@ sidebarTitle: "2026-06-16" {/*BED-7765*/} - ## Auditor Access Improvements for Users and Clients + ## Auditor Access Improvements Users with the **Auditor** role can now view the **Manage Users** and **Manage Clients** tables without requiring the permissions needed to create or modify those resources. @@ -53,7 +53,7 @@ sidebarTitle: "2026-06-16" {/*BED-7263*/} - ## Expanded Audit Logging for Risky Actions + ## Expanded Audit Logging [Audit logs](/reference/audit/list-audit-logs) now capture additional high-risk user actions, including running Cypher queries, editing collector clients or schedules, and running on-demand collections. @@ -62,7 +62,7 @@ sidebarTitle: "2026-06-16" {/*BED-7226*/} - ## Improved Data Table Accessibility + ## Accessibility Improvements Data tables now provide more accessible headers, sorting behavior, keyboard navigation, and screen reader announcements. @@ -71,7 +71,7 @@ sidebarTitle: "2026-06-16" {/*BED-8233,BED-8234*/} - ## Namespace Keys in `GET /extensions` + ## OpenGraph Extension Namespace Information The [List OpenGraph Extensions Information](/reference/opengraph-experimental/list-opengraph-extensions-information) endpoint now includes each extension's [`namespace`](/opengraph/developer/graph-definition#param-namespace) key in its response body. @@ -91,7 +91,7 @@ sidebarTitle: "2026-06-16" {/*BED-6272*/} - ## Smarter layout defaults for Cypher results + ## Smarter Layout Defaults for Cypher Results BloodHound now automatically opens the **Table** layout when a Cypher query returns multiple nodes with no edges and you haven't chosen a layout. This makes it easier to scan, sort, and export node-only results without manually switching layouts. @@ -143,11 +143,11 @@ sidebarTitle: "2026-06-16" ## API - - {/*BED-6775*/} Resolved an issue where the **Composition** and **Relay Target** Entity panel accordions did not populate for several ADCS edges, causing the related node and edge data to appear empty. - - [CoerceAndRelayNTLMToADCS](/resources/edges/coerce-and-relay-ntlm-to-adcs) - - [CoerceAndRelayNTLMToSMB](/resources/edges/coerce-and-relay-ntlm-to-smb) - - [ADCSESC1](/resources/edges/adcs-esc1) - - [ADCSESC3](/resources/edges/adcs-esc3) + {/*BED-6775*/} Resolved an issue where the **Composition** and **Relay Target** accordions in the Entity panel did not populate in the following ADCS edges, causing the related node and edge data to appear empty: + - [CoerceAndRelayNTLMToADCS](/resources/edges/coerce-and-relay-ntlm-to-adcs) + - [CoerceAndRelayNTLMToSMB](/resources/edges/coerce-and-relay-ntlm-to-smb) + - [ADCSESC1](/resources/edges/adcs-esc1) + - [ADCSESC3](/resources/edges/adcs-esc3) ## Cypher From 1c5cc8879771cb6f104edb16ced4eb62c4fc1815 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 10:49:53 -0500 Subject: [PATCH 15/28] wip: copyedit attack path type names --- docs/resources/release-notes/2026-06-16.mdx | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 4b177e87..67f3eb3a 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -116,15 +116,13 @@ sidebarTitle: "2026-06-16" {/*BED-8207*/} - ## Updated Privilege Zone Names in Posture - - TODO: Determine whether this is actually shipping. If so, probably just requires updating screenshots. + ## Updated Attack Path Type Names BloodHound Enterprise logo - Posture now uses **Privilege Zones** terminology in the Attack Paths table instead of older **Tier Zero** naming. + The **Attack Paths** table on the **Posture** page now uses Privilege Zones terminology (where appropriate) instead of older **Tier Zero** naming. - This update keeps Posture labels aligned with the current privilege zone experience across the product. + This update keeps Attack Path type names aligned with the latest findings documentation in BloodHound Enterprise. From 86d62f4f7476f6d0cf4940fc828f855d0fd3944e Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 10:58:04 -0500 Subject: [PATCH 16/28] chore: removed previously shipped cypher result layouts enhancement --- docs/resources/release-notes/2026-06-16.mdx | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 67f3eb3a..52ff4adc 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -88,19 +88,6 @@ sidebarTitle: "2026-06-16" Full-path highlighting is enabled by default. See [Object interaction](/analyze-data//explore/search#object-interaction) for more information. - - {/*BED-6272*/} - - ## Smarter Layout Defaults for Cypher Results - - BloodHound now automatically opens the **Table** layout when a Cypher query returns multiple nodes with no edges and you haven't chosen a layout. This makes it easier to scan, sort, and export node-only results without manually switching layouts. - - Your explicit layout selections are always preserved. If you've chosen a layout, BloodHound keeps it regardless of result shape and doesn't auto-open the **Table** layout. - - See [Visualization options](/analyze-data/explore/search#visualization-options) for a full breakdown of layout selection behavior. - - - {/*BED-8277*/} ## Embedded SpecterOps Extension Schemas From 58165c3469a97e9ca33bf078afb54e5b232cf17b Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 11:17:08 -0500 Subject: [PATCH 17/28] wip: copyedit certification statuses --- docs/resources/release-notes/2026-06-16.mdx | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 52ff4adc..f6d4c111 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -112,17 +112,15 @@ sidebarTitle: "2026-06-16" This update keeps Attack Path type names aligned with the latest findings documentation in BloodHound Enterprise. - + {/*BED-8186*/} - ## Search Across Privilege Zone Certifications - - TODO: Update user guide and GIF and refine this description. + ## Search Across Certification Statuses BloodHound Enterprise logo - Search across all objects in privilege zone certification states from the certifications page. + Search for objects across all [certification statuses](/analyze-data/privilege-zones/certification#by-status) in Zone Builder. - This improvement helps you confirm whether a specific object is already present in a zone without checking each certification state separately. + This improvement helps you confirm whether a specific object is already present in a zone without selecting each certification status separately and running multiple searches. From 728519fbd971605408e7fdd4b8ece249b50e2f25 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 15:02:54 -0500 Subject: [PATCH 18/28] wip: copyedited built-in extensions --- docs/resources/release-notes/2026-06-16.mdx | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index f6d4c111..7ca5dd98 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -90,15 +90,13 @@ sidebarTitle: "2026-06-16" {/*BED-8277*/} - ## Embedded SpecterOps Extension Schemas - - TODO: Update user guide and refine this description. + ## Built-in SpecterOps Extensions BloodHound Enterprise logo - BloodHound now embeds SpecterOps-supported extension schemas directly in the product build. + BloodHound Enterprise now includes built-in SpecterOps OpenGraph extensions for GitHub, Jamf, and Okta. This streamlines extension management by making these supported extensions available without a separate installation step. - This update streamlines extension management by making supported schemas available without requiring a separate installation workflow, while still supporting newer extension versions as they become available. + See [OpenGraph Extensions](/opengraph/extensions/manage) to learn more. From 7b8bac902ffa0c9b3192759d6efa382e70f53aae Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 15:18:47 -0500 Subject: [PATCH 19/28] wip: added post-processing performance enhancements --- docs/resources/release-notes/2026-06-16.mdx | 25 ++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 7ca5dd98..0493c2a7 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -70,7 +70,7 @@ sidebarTitle: "2026-06-16" - {/*BED-8233,BED-8234*/} + {/*BED-8233, BED-8234*/} ## OpenGraph Extension Namespace Information The [List OpenGraph Extensions Information](/reference/opengraph-experimental/list-opengraph-extensions-information) endpoint now includes each extension's [`namespace`](/opengraph/developer/graph-definition#param-namespace) key in its response body. @@ -88,6 +88,29 @@ sidebarTitle: "2026-06-16" Full-path highlighting is enabled by default. See [Object interaction](/analyze-data//explore/search#object-interaction) for more information. + + ## Incremental Edge Updates + {/*BED-8361, BED-8362, BED-8363, BED-8364, BED-8365*/} + Optimized processing logic for the following edge types, significantly reducing time in analysis: + + - [Owns](/resources/edges/owns) + - [WriteOwner](/resources/edges/write-owner) + - [EnrollOnBehalfOf](/resources/edges/enroll-on-behalf-of) + - [ADCSESC1](/resources/edges/adcs-esc1) + - [ADCSESC3](/resources/edges/adcs-esc3) + - [ADCSESC4](/resources/edges/adcs-esc4) + - [ADCSESC6a](/resources/edges/adcs-esc6a) + - [ADCSESC6b](/resources/edges/adcs-esc6b) + - [ADCSESC13](/resources/edges/adcs-esc13) + - [SyncLAPSPassword](/resources/edges/sync-laps-password) + - [ReadLAPSPassword](/resources/edges/read-laps-password) + - [DCSync](/resources/edges/dc-sync) + - [CanRDP](/resources/edges/can-rdp) + - [AdminTo](/resources/edges/admin-to) + - [ExecuteDcom](/resources/edges/execute-dcom) + - [CanPSRemote](/resources/edges/can-ps-remote) + + {/*BED-8277*/} ## Built-in SpecterOps Extensions From 87eb0afe60107acecc9df7480a2793834117d603 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 15:35:49 -0500 Subject: [PATCH 20/28] wip: initial draft of v9.3.0 summary --- docs/resources/release-notes/summary.mdx | 43 ++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/docs/resources/release-notes/summary.mdx b/docs/resources/release-notes/summary.mdx index a8faea26..97de88bb 100644 --- a/docs/resources/release-notes/summary.mdx +++ b/docs/resources/release-notes/summary.mdx @@ -8,6 +8,49 @@ This page provides a summary of recent BloodHound product releases, including re See the release notes [archive](/resources/release-notes/v8-4-0) for previous releases. +## 2026-06-16 + +| | | | | | +| --- | --- | --- | --- | --- | +| **Release** | **BloodHound** | **OpenHound** | **SharpHound** | **AzureHound** | +| 2026-06-16 | v9.3.0 | v0.2.0 | No release | v2.12.2 | + +This release expands OpenHound authentication support, improves visibility and access control across BloodHound administration workflows, and speeds up analysis with additional incremental post-processing updates. Key highlights include: + +- **OpenHound authentication improvements**: Use Jamf Pro API clients for the Jamf collector and support GitHub Enterprise environments that enforce enterprise-level single sign-on (SSO). +- **Administration and auditability updates**: Reduce sensitive read access for non-administrator roles, improve Auditor visibility into management tables, and capture more high-risk operator actions in audit logs. +- **Explore and OpenGraph improvements**: Highlight full paths through a selected node in Explore and view extension namespace information in OpenGraph APIs and management workflows. +- **Post-processing performance updates**: Incrementally update more high-impact edge types to reduce analysis time. +- **Built-in extension support**: BloodHound Enterprise now includes built-in SpecterOps OpenGraph extensions for GitHub, Jamf, and Okta. + +### New Features + +| Component | Update | Summary | +| --- | --- | --- | +| Data Collection | [Jamf API Client Authentication](/resources/release-notes/2026-06-16#jamf-api-client-authentication) | Authenticate the OpenHound Jamf collector with a scoped Jamf Pro API client instead of a user account and password. | +| Data Collection | [GitHub Enterprise SSO Support](/resources/release-notes/2026-06-16#github-enterprise-sso-support) | Connect OpenHound to GitHub Enterprise environments that enforce enterprise-level single sign-on. | + +### Enhancements + +| Component | Update | Summary | +| --- | --- | --- | +| Administration | [Reduced Read Permissions for Non-Administrator Roles](/resources/release-notes/2026-06-16#reduced-read-permissions-for-non-administrator-roles) | Limit sensitive user data and administration API access for the **User**, **Power User**, and **Read-only** roles. | +| Administration | [Auditor Access Improvements](/resources/release-notes/2026-06-16#auditor-access-improvements) | Let users with the **Auditor** role review **Manage Users** and **Manage Clients** tables without gaining modification permissions. | +| Administration | [Expanded Audit Logging](/resources/release-notes/2026-06-16#expanded-audit-logging) | Capture more high-risk user actions in audit logs, including Cypher execution and collector operations. | +| Accessibility | [Accessibility Improvements](/resources/release-notes/2026-06-16#accessibility-improvements) | Improve table headers, sorting behavior, keyboard navigation, and screen reader announcements. | +| API | [OpenGraph Extension Namespace Information](/resources/release-notes/2026-06-16#opengraph-extension-namespace-information) | Return each extension's namespace in the OpenGraph extension information API response. | +| Explore | [Full-Path Highlighting](/resources/release-notes/2026-06-16#full-path-highlighting) | Dim unrelated paths when you select a node to better isolate how it participates in longer Attack Paths. | +| OpenGraph (Enterprise) | [Built-in SpecterOps Extensions](/resources/release-notes/2026-06-16#built-in-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions without a separate installation step. | +| Post-Processing | [Incremental Edge Updates](/resources/release-notes/2026-06-16#incremental-edge-updates) | Reduce analysis time by incrementally updating more high-impact edge types during post-processing. | +| Posture (Enterprise) | [Updated Attack Path Type Names](/resources/release-notes/2026-06-16#updated-attack-path-type-names) | Align **Attack Paths** terminology with current Privilege Zones language. | +| Zone Builder (Enterprise) | [Search Across Certification Statuses](/resources/release-notes/2026-06-16#search-across-certification-statuses) | Search across all certification statuses to confirm whether an object is already present in a zone. | + +### Fixed Issues + +This release resolves issues in API edge details, Cypher saved query editing and variable reuse performance, OpenHound Okta collection completeness, AzureHound hosted image versioning, and Enterprise Posture chart rendering. + +See the [release notes](/resources/release-notes/2026-06-16) for a full list of fixed issues in this release. + ## 2026-06-01 | | | | | | From 6bd20d40d880d2b6417fc6aa2766823c16991f1a Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 16:05:36 -0500 Subject: [PATCH 21/28] chore: align summary and v9.3.0 release notes --- docs/resources/release-notes/2026-06-16.mdx | 4 +-- docs/resources/release-notes/summary.mdx | 33 ++++++++++----------- 2 files changed, 18 insertions(+), 19 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 0493c2a7..e4a17863 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -7,7 +7,7 @@ sidebarTitle: "2026-06-16" | | | | | | | --- | --- | --- | --- | --- | | **Release** | **BloodHound** | **OpenHound** | **SharpHound** | **AzureHound** | -| 2026-06-16 | v9.3.0 | v0.2.0 | No release | v2.12.2 | +| 2026-06-16 | v9.3.0 | v0.1.5 | No release | v2.12.2 | Use the filters on the right side of this page to narrow down the updates by component. You can select multiple filters at the same time to refine your results. @@ -89,7 +89,7 @@ sidebarTitle: "2026-06-16" - ## Incremental Edge Updates + ## Analysis Performance Improvements {/*BED-8361, BED-8362, BED-8363, BED-8364, BED-8365*/} Optimized processing logic for the following edge types, significantly reducing time in analysis: diff --git a/docs/resources/release-notes/summary.mdx b/docs/resources/release-notes/summary.mdx index 97de88bb..8b9e433c 100644 --- a/docs/resources/release-notes/summary.mdx +++ b/docs/resources/release-notes/summary.mdx @@ -6,28 +6,29 @@ sidebarTitle: Summary This page provides a summary of recent BloodHound product releases, including release dates, version numbers, and links to detailed release notes. -See the release notes [archive](/resources/release-notes/v8-4-0) for previous releases. + + See the release notes [archive](/resources/release-notes/v8-4-0) for previous releases. + ## 2026-06-16 | | | | | | | --- | --- | --- | --- | --- | | **Release** | **BloodHound** | **OpenHound** | **SharpHound** | **AzureHound** | -| 2026-06-16 | v9.3.0 | v0.2.0 | No release | v2.12.2 | +| 2026-06-16 | v9.3.0 | v0.1.5 | No release | v2.12.2 | -This release expands OpenHound authentication support, improves visibility and access control across BloodHound administration workflows, and speeds up analysis with additional incremental post-processing updates. Key highlights include: +This release expands OpenHound authentication support, improves visibility and access control across BloodHound administration workflows, and speeds up analysis. Key highlights include: -- **OpenHound authentication improvements**: Use Jamf Pro API clients for the Jamf collector and support GitHub Enterprise environments that enforce enterprise-level single sign-on (SSO). -- **Administration and auditability updates**: Reduce sensitive read access for non-administrator roles, improve Auditor visibility into management tables, and capture more high-risk operator actions in audit logs. -- **Explore and OpenGraph improvements**: Highlight full paths through a selected node in Explore and view extension namespace information in OpenGraph APIs and management workflows. -- **Post-processing performance updates**: Incrementally update more high-impact edge types to reduce analysis time. -- **Built-in extension support**: BloodHound Enterprise now includes built-in SpecterOps OpenGraph extensions for GitHub, Jamf, and Okta. +- **Access control**: Limit sensitive user data and administration API access for non-administrator roles. +- **Audit logging**: Capture and review more operator actions in audit logs. +- **Explore**: Highlight only the paths that traverse a selected node in the graph. +- **OpenHound**: Use an API client to authenticate the Jamf collector. ### New Features | Component | Update | Summary | | --- | --- | --- | -| Data Collection | [Jamf API Client Authentication](/resources/release-notes/2026-06-16#jamf-api-client-authentication) | Authenticate the OpenHound Jamf collector with a scoped Jamf Pro API client instead of a user account and password. | +| Data Collection | [Jamf API Client Authentication](/resources/release-notes/2026-06-16#jamf-api-client-authentication) | Authenticate the OpenHound Jamf collector with a Jamf Pro API client. | | Data Collection | [GitHub Enterprise SSO Support](/resources/release-notes/2026-06-16#github-enterprise-sso-support) | Connect OpenHound to GitHub Enterprise environments that enforce enterprise-level single sign-on. | ### Enhancements @@ -37,19 +38,17 @@ This release expands OpenHound authentication support, improves visibility and a | Administration | [Reduced Read Permissions for Non-Administrator Roles](/resources/release-notes/2026-06-16#reduced-read-permissions-for-non-administrator-roles) | Limit sensitive user data and administration API access for the **User**, **Power User**, and **Read-only** roles. | | Administration | [Auditor Access Improvements](/resources/release-notes/2026-06-16#auditor-access-improvements) | Let users with the **Auditor** role review **Manage Users** and **Manage Clients** tables without gaining modification permissions. | | Administration | [Expanded Audit Logging](/resources/release-notes/2026-06-16#expanded-audit-logging) | Capture more high-risk user actions in audit logs, including Cypher execution and collector operations. | -| Accessibility | [Accessibility Improvements](/resources/release-notes/2026-06-16#accessibility-improvements) | Improve table headers, sorting behavior, keyboard navigation, and screen reader announcements. | -| API | [OpenGraph Extension Namespace Information](/resources/release-notes/2026-06-16#opengraph-extension-namespace-information) | Return each extension's namespace in the OpenGraph extension information API response. | -| Explore | [Full-Path Highlighting](/resources/release-notes/2026-06-16#full-path-highlighting) | Dim unrelated paths when you select a node to better isolate how it participates in longer Attack Paths. | +| Accessibility | [Accessibility Improvements](/resources/release-notes/2026-06-16#accessibility-improvements) | Navigate data tables more effectively with improved headers, sorting behavior, keyboard support, and screen reader announcements. | +| API | [OpenGraph Extension Namespace Information](/resources/release-notes/2026-06-16#opengraph-extension-namespace-information) | View each extension's namespace in the OpenGraph extension information API response. | +| Explore | [Full-Path Highlighting](/resources/release-notes/2026-06-16#full-path-highlighting) | Highlight the full path through a selected node so you can better isolate how it participates in longer Attack Paths. | | OpenGraph (Enterprise) | [Built-in SpecterOps Extensions](/resources/release-notes/2026-06-16#built-in-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions without a separate installation step. | -| Post-Processing | [Incremental Edge Updates](/resources/release-notes/2026-06-16#incremental-edge-updates) | Reduce analysis time by incrementally updating more high-impact edge types during post-processing. | -| Posture (Enterprise) | [Updated Attack Path Type Names](/resources/release-notes/2026-06-16#updated-attack-path-type-names) | Align **Attack Paths** terminology with current Privilege Zones language. | +| Post-Processing | [Analysis Performance Improvements](/resources/release-notes/2026-06-16#incremental-edge-updates) | See results faster with significantly reduced time in analysis. | +| Posture (Enterprise) | [Updated Attack Path Type Names](/resources/release-notes/2026-06-16#updated-attack-path-type-names) | Review **Attack Paths** with terminology that matches the latest findings documentation. | | Zone Builder (Enterprise) | [Search Across Certification Statuses](/resources/release-notes/2026-06-16#search-across-certification-statuses) | Search across all certification statuses to confirm whether an object is already present in a zone. | ### Fixed Issues -This release resolves issues in API edge details, Cypher saved query editing and variable reuse performance, OpenHound Okta collection completeness, AzureHound hosted image versioning, and Enterprise Posture chart rendering. - -See the [release notes](/resources/release-notes/2026-06-16) for a full list of fixed issues in this release. +See the [release notes](/resources/release-notes/2026-06-16#bloodhound-11) for a full list of fixed issues in this release. ## 2026-06-01 From 5d588819c6b5b4f47a7938388f7f194ac9285872 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Tue, 9 Jun 2026 16:18:39 -0500 Subject: [PATCH 22/28] fix: broken links --- docs/resources/release-notes/2026-06-16.mdx | 2 +- docs/resources/release-notes/summary.mdx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index e4a17863..f2a712e2 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -85,7 +85,7 @@ sidebarTitle: "2026-06-16" When you select a node in the graph, BloodHound now dims paths that do not traverse the selected node. This includes inbound and outbound object control, making it easier to isolate how a node participates in longer Attack Paths. - Full-path highlighting is enabled by default. See [Object interaction](/analyze-data//explore/search#object-interaction) for more information. + Full-path highlighting is enabled by default. See [Object interaction](/analyze-data/explore/search#object-interaction) for more information. diff --git a/docs/resources/release-notes/summary.mdx b/docs/resources/release-notes/summary.mdx index 8b9e433c..9a1a2a0a 100644 --- a/docs/resources/release-notes/summary.mdx +++ b/docs/resources/release-notes/summary.mdx @@ -42,7 +42,7 @@ This release expands OpenHound authentication support, improves visibility and a | API | [OpenGraph Extension Namespace Information](/resources/release-notes/2026-06-16#opengraph-extension-namespace-information) | View each extension's namespace in the OpenGraph extension information API response. | | Explore | [Full-Path Highlighting](/resources/release-notes/2026-06-16#full-path-highlighting) | Highlight the full path through a selected node so you can better isolate how it participates in longer Attack Paths. | | OpenGraph (Enterprise) | [Built-in SpecterOps Extensions](/resources/release-notes/2026-06-16#built-in-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions without a separate installation step. | -| Post-Processing | [Analysis Performance Improvements](/resources/release-notes/2026-06-16#incremental-edge-updates) | See results faster with significantly reduced time in analysis. | +| Post-Processing | [Analysis Performance Improvements](/resources/release-notes/2026-06-16#analysis-performance-improvements) | See results faster with significantly reduced time in analysis. | | Posture (Enterprise) | [Updated Attack Path Type Names](/resources/release-notes/2026-06-16#updated-attack-path-type-names) | Review **Attack Paths** with terminology that matches the latest findings documentation. | | Zone Builder (Enterprise) | [Search Across Certification Statuses](/resources/release-notes/2026-06-16#search-across-certification-statuses) | Search across all certification statuses to confirm whether an object is already present in a zone. | From e822eacebf26de092d9ae6afecbc64b0424f4726 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Wed, 10 Jun 2026 16:00:53 -0500 Subject: [PATCH 23/28] chore: normalized pre-installed extension terminology --- docs/resources/release-notes/2026-06-16.mdx | 4 ++-- docs/resources/release-notes/summary.mdx | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index f2a712e2..0a292040 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -113,11 +113,11 @@ sidebarTitle: "2026-06-16" {/*BED-8277*/} - ## Built-in SpecterOps Extensions + ## Pre-installed SpecterOps Extensions BloodHound Enterprise logo - BloodHound Enterprise now includes built-in SpecterOps OpenGraph extensions for GitHub, Jamf, and Okta. This streamlines extension management by making these supported extensions available without a separate installation step. + BloodHound Enterprise now includes pre-installed OpenGraph extensions for GitHub, Jamf, and Okta. This streamlines extension management by making these supported extensions available without a separate installation step. See [OpenGraph Extensions](/opengraph/extensions/manage) to learn more. diff --git a/docs/resources/release-notes/summary.mdx b/docs/resources/release-notes/summary.mdx index 9a1a2a0a..abcf1819 100644 --- a/docs/resources/release-notes/summary.mdx +++ b/docs/resources/release-notes/summary.mdx @@ -41,7 +41,7 @@ This release expands OpenHound authentication support, improves visibility and a | Accessibility | [Accessibility Improvements](/resources/release-notes/2026-06-16#accessibility-improvements) | Navigate data tables more effectively with improved headers, sorting behavior, keyboard support, and screen reader announcements. | | API | [OpenGraph Extension Namespace Information](/resources/release-notes/2026-06-16#opengraph-extension-namespace-information) | View each extension's namespace in the OpenGraph extension information API response. | | Explore | [Full-Path Highlighting](/resources/release-notes/2026-06-16#full-path-highlighting) | Highlight the full path through a selected node so you can better isolate how it participates in longer Attack Paths. | -| OpenGraph (Enterprise) | [Built-in SpecterOps Extensions](/resources/release-notes/2026-06-16#built-in-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions without a separate installation step. | +| OpenGraph (Enterprise) | [Pre-Installed SpecterOps Extensions](/resources/release-notes/2026-06-16#pre-installed-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions without a separate installation step. | | Post-Processing | [Analysis Performance Improvements](/resources/release-notes/2026-06-16#analysis-performance-improvements) | See results faster with significantly reduced time in analysis. | | Posture (Enterprise) | [Updated Attack Path Type Names](/resources/release-notes/2026-06-16#updated-attack-path-type-names) | Review **Attack Paths** with terminology that matches the latest findings documentation. | | Zone Builder (Enterprise) | [Search Across Certification Statuses](/resources/release-notes/2026-06-16#search-across-certification-statuses) | Search across all certification statuses to confirm whether an object is already present in a zone. | From 4c9729cc3c240144a2680db104c7c9082f6f59a1 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Wed, 10 Jun 2026 16:01:59 -0500 Subject: [PATCH 24/28] style: use title case --- docs/resources/release-notes/2026-06-16.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 0a292040..91d78bae 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -113,7 +113,7 @@ sidebarTitle: "2026-06-16" {/*BED-8277*/} - ## Pre-installed SpecterOps Extensions + ## Pre-Installed SpecterOps Extensions BloodHound Enterprise logo From e312ab47b704b8946a0b423019682ca792364772 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Thu, 11 Jun 2026 14:28:18 -0500 Subject: [PATCH 25/28] chore: bump openhound version --- docs/resources/release-notes/2026-06-16.mdx | 2 +- docs/resources/release-notes/summary.mdx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index 91d78bae..aa8d89c3 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -7,7 +7,7 @@ sidebarTitle: "2026-06-16" | | | | | | | --- | --- | --- | --- | --- | | **Release** | **BloodHound** | **OpenHound** | **SharpHound** | **AzureHound** | -| 2026-06-16 | v9.3.0 | v0.1.5 | No release | v2.12.2 | +| 2026-06-16 | v9.3.0 | v0.2.0 | No release | v2.12.2 | Use the filters on the right side of this page to narrow down the updates by component. You can select multiple filters at the same time to refine your results. diff --git a/docs/resources/release-notes/summary.mdx b/docs/resources/release-notes/summary.mdx index abcf1819..21886e00 100644 --- a/docs/resources/release-notes/summary.mdx +++ b/docs/resources/release-notes/summary.mdx @@ -15,7 +15,7 @@ This page provides a summary of recent BloodHound product releases, including re | | | | | | | --- | --- | --- | --- | --- | | **Release** | **BloodHound** | **OpenHound** | **SharpHound** | **AzureHound** | -| 2026-06-16 | v9.3.0 | v0.1.5 | No release | v2.12.2 | +| 2026-06-16 | v9.3.0 | v0.2.0 | No release | v2.12.2 | This release expands OpenHound authentication support, improves visibility and access control across BloodHound administration workflows, and speeds up analysis. Key highlights include: From 3bc0266abdcbef3a542ec54e67b77116d4f9c607 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 15 Jun 2026 08:08:01 -0500 Subject: [PATCH 26/28] style: refine headings --- docs/resources/release-notes/2026-06-16.mdx | 4 ++-- docs/resources/release-notes/summary.mdx | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/resources/release-notes/2026-06-16.mdx b/docs/resources/release-notes/2026-06-16.mdx index aa8d89c3..979a98b3 100644 --- a/docs/resources/release-notes/2026-06-16.mdx +++ b/docs/resources/release-notes/2026-06-16.mdx @@ -33,7 +33,7 @@ sidebarTitle: "2026-06-16" {/*BED-8336*/} - ## Reduced Read Permissions for Non-Administrator Roles + ## Role-Based Access Hardening Read access for the **User**, **Power User**, and **Read-only** roles has been reduced to limit exposure to sensitive user data and administrative API endpoints. @@ -71,7 +71,7 @@ sidebarTitle: "2026-06-16" {/*BED-8233, BED-8234*/} - ## OpenGraph Extension Namespace Information + ## OpenGraph Extension Namespace Visibility The [List OpenGraph Extensions Information](/reference/opengraph-experimental/list-opengraph-extensions-information) endpoint now includes each extension's [`namespace`](/opengraph/developer/graph-definition#param-namespace) key in its response body. diff --git a/docs/resources/release-notes/summary.mdx b/docs/resources/release-notes/summary.mdx index 21886e00..c76f14e8 100644 --- a/docs/resources/release-notes/summary.mdx +++ b/docs/resources/release-notes/summary.mdx @@ -35,11 +35,11 @@ This release expands OpenHound authentication support, improves visibility and a | Component | Update | Summary | | --- | --- | --- | -| Administration | [Reduced Read Permissions for Non-Administrator Roles](/resources/release-notes/2026-06-16#reduced-read-permissions-for-non-administrator-roles) | Limit sensitive user data and administration API access for the **User**, **Power User**, and **Read-only** roles. | +| Administration | [Role-Based Access Hardening](/resources/release-notes/2026-06-16#role-based-access-hardening) | Limit sensitive user data and administration API access for the **User**, **Power User**, and **Read-only** roles. | | Administration | [Auditor Access Improvements](/resources/release-notes/2026-06-16#auditor-access-improvements) | Let users with the **Auditor** role review **Manage Users** and **Manage Clients** tables without gaining modification permissions. | | Administration | [Expanded Audit Logging](/resources/release-notes/2026-06-16#expanded-audit-logging) | Capture more high-risk user actions in audit logs, including Cypher execution and collector operations. | | Accessibility | [Accessibility Improvements](/resources/release-notes/2026-06-16#accessibility-improvements) | Navigate data tables more effectively with improved headers, sorting behavior, keyboard support, and screen reader announcements. | -| API | [OpenGraph Extension Namespace Information](/resources/release-notes/2026-06-16#opengraph-extension-namespace-information) | View each extension's namespace in the OpenGraph extension information API response. | +| API | [OpenGraph Extension Namespace Visibility](/resources/release-notes/2026-06-16#opengraph-extension-namespace-visibility) | View each extension's namespace in the OpenGraph extension information API response. | | Explore | [Full-Path Highlighting](/resources/release-notes/2026-06-16#full-path-highlighting) | Highlight the full path through a selected node so you can better isolate how it participates in longer Attack Paths. | | OpenGraph (Enterprise) | [Pre-Installed SpecterOps Extensions](/resources/release-notes/2026-06-16#pre-installed-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions without a separate installation step. | | Post-Processing | [Analysis Performance Improvements](/resources/release-notes/2026-06-16#analysis-performance-improvements) | See results faster with significantly reduced time in analysis. | From 4684a479292627d5517ebce2a096a9236b5c6617 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 15 Jun 2026 11:41:47 -0500 Subject: [PATCH 27/28] docs: clarify editionavailability for supported extensions --- docs/resources/release-notes/summary.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/resources/release-notes/summary.mdx b/docs/resources/release-notes/summary.mdx index c76f14e8..760f37c2 100644 --- a/docs/resources/release-notes/summary.mdx +++ b/docs/resources/release-notes/summary.mdx @@ -41,7 +41,7 @@ This release expands OpenHound authentication support, improves visibility and a | Accessibility | [Accessibility Improvements](/resources/release-notes/2026-06-16#accessibility-improvements) | Navigate data tables more effectively with improved headers, sorting behavior, keyboard support, and screen reader announcements. | | API | [OpenGraph Extension Namespace Visibility](/resources/release-notes/2026-06-16#opengraph-extension-namespace-visibility) | View each extension's namespace in the OpenGraph extension information API response. | | Explore | [Full-Path Highlighting](/resources/release-notes/2026-06-16#full-path-highlighting) | Highlight the full path through a selected node so you can better isolate how it participates in longer Attack Paths. | -| OpenGraph (Enterprise) | [Pre-Installed SpecterOps Extensions](/resources/release-notes/2026-06-16#pre-installed-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions without a separate installation step. | +| OpenGraph (Enterprise) | [Pre-Installed SpecterOps Extensions](/resources/release-notes/2026-06-16#pre-installed-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions in BloodHound Enterprise without a separate installation step. | | Post-Processing | [Analysis Performance Improvements](/resources/release-notes/2026-06-16#analysis-performance-improvements) | See results faster with significantly reduced time in analysis. | | Posture (Enterprise) | [Updated Attack Path Type Names](/resources/release-notes/2026-06-16#updated-attack-path-type-names) | Review **Attack Paths** with terminology that matches the latest findings documentation. | | Zone Builder (Enterprise) | [Search Across Certification Statuses](/resources/release-notes/2026-06-16#search-across-certification-statuses) | Search across all certification statuses to confirm whether an object is already present in a zone. | From 1bd3ab4ba51911628f9f85d8502397aec138e8a5 Mon Sep 17 00:00:00 2001 From: Jeff Matthews Date: Mon, 15 Jun 2026 12:54:04 -0500 Subject: [PATCH 28/28] chore: change enterprise designation --- docs/resources/release-notes/summary.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/resources/release-notes/summary.mdx b/docs/resources/release-notes/summary.mdx index 760f37c2..e079c64f 100644 --- a/docs/resources/release-notes/summary.mdx +++ b/docs/resources/release-notes/summary.mdx @@ -41,7 +41,7 @@ This release expands OpenHound authentication support, improves visibility and a | Accessibility | [Accessibility Improvements](/resources/release-notes/2026-06-16#accessibility-improvements) | Navigate data tables more effectively with improved headers, sorting behavior, keyboard support, and screen reader announcements. | | API | [OpenGraph Extension Namespace Visibility](/resources/release-notes/2026-06-16#opengraph-extension-namespace-visibility) | View each extension's namespace in the OpenGraph extension information API response. | | Explore | [Full-Path Highlighting](/resources/release-notes/2026-06-16#full-path-highlighting) | Highlight the full path through a selected node so you can better isolate how it participates in longer Attack Paths. | -| OpenGraph (Enterprise) | [Pre-Installed SpecterOps Extensions](/resources/release-notes/2026-06-16#pre-installed-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions in BloodHound Enterprise without a separate installation step. | +| BloodHound Enterprise OpenGraph | [Pre-Installed SpecterOps Extensions](/resources/release-notes/2026-06-16#pre-installed-specterops-extensions) | Use supported GitHub, Jamf, and Okta OpenGraph extensions in BloodHound Enterprise without a separate installation step. | | Post-Processing | [Analysis Performance Improvements](/resources/release-notes/2026-06-16#analysis-performance-improvements) | See results faster with significantly reduced time in analysis. | | Posture (Enterprise) | [Updated Attack Path Type Names](/resources/release-notes/2026-06-16#updated-attack-path-type-names) | Review **Attack Paths** with terminology that matches the latest findings documentation. | | Zone Builder (Enterprise) | [Search Across Certification Statuses](/resources/release-notes/2026-06-16#search-across-certification-statuses) | Search across all certification statuses to confirm whether an object is already present in a zone. |