Know Your Adversary

In this episode of Know Your Adversary, hosts Jared Atkinson and Justin Kohler sit down with Kate Dawson, Director of Customer Success at SpecterOps, to explore what it takes to implement a successful Attack Path Management (APM) program.Kate explains how cross-team collaboration, identity-focused strategies, and programmatic—not project-based—approaches are key to lasting success. The team draws parallels between APM and vulnerability management, emphasizing the importance of continuous improvement, policy integration, and metrics like exposure reduction and remediation speed as signs of maturity in defending against identity-based attack paths.

In this episode of Know Your Adversary, hosts Justin Kohler and Jared Atkinson break down two key theoretical concepts shaping attack path management: the distinction between access graphs vs. attack graphs and the paradigm of identities at rest vs. identities in transit.They explain why access graphs—maps of who can reach what—don’t tell the full story, and how attack graphs reveal the snowballing effect of compromised identities that accumulate control across environments. With real-world analogies and data points, the conversation highlights why environments with millions of relationships often harbor billions of potential attack paths, leaving defenders with an overwhelming challenge.

In this episode of Know Your Adversary, hosts Justin Kohler and Jared Atkinson sit down with Robby Winchester, Chief Services Officer at SpecterOps, to explore the practical side of attack path management.Robby reflects on nearly a decade of SpecterOps’ consulting and training work, sharing how the newly released State of Attack Path Management Report formalizes long-standing challenges that organizations face when dealing with identity sprawl, misconfigurations, and privilege creep. Together, they discuss how identity issues scale across environments—whether Active Directory, Kubernetes, or cloud providers—and why visibility, context, and iteration are critical to managing real-world risk.

In the very first episode of Know Your Adversary by SpecterOps, Chief Product Officer Justin Kohler and Chief Technology Officer Jared Atkinson pull back the curtain on how BloodHound came to be and why attack path management is more critical than ever.They trace BloodHound’s roots from a red teamer’s Excel-driven struggle to its evolution into a revolutionary graph-theory tool that changed how defenders and adversaries alike understand identity-based attack paths. Along the way, they explain what an “attack path” really is, why attackers rarely land where they want to, and how pivoting across identities and computers creates endless opportunities for compromise.