The following Privilege Zone rules can be imported into BloodHound to group nodes for Cypher query analysis and BloodHound Enterprise finding generation.
Devices associated with principals who have SUPER_ADMIN or ORG_ADMIN role assignments.
Zone: Tier Zero
MATCH (n:Okta_Device)-[:Okta_DeviceOf]->(:Okta)-[:Okta_HasRoleAssignment|Okta_MemberOf*1..2]->(r:Okta_RoleAssignment)-[:Okta_ScopedTo]->(:Okta_Organization)
WHERE r.type = "SUPER_ADMIN" OR r.type = "ORG_ADMIN"
RETURN n
Principals with SUPER_ADMIN or ORG_ADMIN role assignments.
Zone: Tier Zero
MATCH (n:Okta)-[:Okta_HasRoleAssignment|Okta_MemberOf*1..2]->(r:Okta_RoleAssignment)-[:Okta_ScopedTo]->(:Okta_Organization)
WHERE r.type = "SUPER_ADMIN" OR r.type = "ORG_ADMIN"
RETURN n