JamfHound v1.1 Update: SSO Attack Paths and Okta Additions
ID: ba50ac28-79d6-5704-b1a3-61b3b67a6b69
STIX ID: report--ba50ac28-79d6-5704-b1a3-61b3b67a6b69
Feed Name: SpecterOps Blog
This report describes JamfHound v1.1 enhancements that add SSO-aware graph nodes and hybrid edges to BloodHound, enabling visibility of dangerous attack paths in JAMF Pro deployments integrated with external identity providers (e.g., Okta). The updates reveal practical privilege escalation scenarios—such as abusing the "Update SSO Settings" right to point JAMF to an attacker-controlled IDP, and leveraging Okta–JAMF device/group mappings—to achieve full admin access and cross-platform pivoting; defenders can use the collector to identify and remediate these risks.
