Merged
Changes from 6 commits
4 changes: 4 additions & 0 deletions docs/analyze-data/accept-findings.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@ Prerequisites

* Logged in as a user role that is authorized to accept attack path impacted principals, see [Administering users and roles](/manage-bloodhound/auth/users-and-roles).

<Note>[Environment Targeted Access Control (ETAC)](/manage-bloodhound/auth/environment-targeted-access-control) can limit which environments a user can view in analysis pages. ETAC does not change who can accept findings, but it can limit which findings a scoped user can see.</Note>

Process
=======

Expand Down Expand Up @@ -54,6 +56,8 @@ Outcome

When a principal is accepted, it is hidden from the principal table in the attack path until you toggle the setting \`Accepted\`. The principal and its edges will still be visible in the Explore and Posture pages.

If ETAC applies to your account, visibility in **Explore** and **Posture** remains limited to your allowed environments.

<Frame>
<img src="/assets/image1-21.png"/>
</Frame>
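
Review bot: The sentence added under Outcome is plain body text and says "your allowed environments", while the other ETAC statements in this PR are `<Note>` blocks that say "the environments you can access". Use one wording and one presentation so readers recognize the same access restriction on every page. Because the preceding context sentence says the accepted principal and its edges stay visible in Explore and Posture, tie the restriction to that visibility, for example "they remain visible there only for environments you can access".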
18 changes: 18 additions & 0 deletions docs/analyze-data/explore/cypher-search.mdx
Expand Up @@ -141,6 +141,24 @@ BloodHound allows you to import and export queries for easy sharing and backup.
* **Import queries from JSON files**: Easily add new queries by dragging and dropping JSON files or compressed JSON files into the UI. BloodHound validates the files for correct syntax and notifies you of any errors.
* **Export a saved query to a JSON file**: Share or back up your queries by exporting them in JSON format. Export is available for saved queries only. You cannot export prebuilt queries directly.

### Disable Query Timeout

For queries that may require more time to execute, you can now disable the default query timeout on a per-query basis.

This allows you to run long-running queries and retrieve results that may take longer to compute without being prematurely terminated by the default timeout.

<Note>
This feature is available for BloodHound Community Edition only. It is not visible by default and requires a database configuration change.
</Note>

<Frame>
<img
src="/images/release_notes/9_0_0/disable-query-timeout.png"
alt="Screenshot of the Cypher query timeout bypass option in the query editor"
style={{ width:"70%" }}
/>
</Frame>

## Write Custom Queries

One of the most overlooked features of BloodHound is the ability to enter raw Cypher queries directly into the user interface. Likely, a lot of that has to do with the fact that it's not a very emphasized feature and requires learning Cypher. However, with some work, using raw Cypher queries can let you manipulate and examine BloodHound data in custom ways to help you further understand your network or identify interesting relationships.
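
Review bot: The `<Note>` in the new "Disable Query Timeout" section says the option "requires a database configuration change" but never names the change or links to where it is documented, so a Community Edition reader cannot enable the feature from this page. Add the setting name or a link. The section also describes only the benefit: the default timeout is what stops a runaway query, so add a sentence on the load an unbounded query can put on the database and on when the option should be left off. "you can now disable" and the image path under release_notes/9_0_0 read as release-note text; drop "now" for reference documentation.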
14 changes: 10 additions & 4 deletions docs/analyze-data/explore/search.mdx
Expand Up @@ -11,6 +11,8 @@ BloodHound supports multiple data sources, including Active Directory, Azure (En

<Note>BloodHound supports all search methods for [structured](/opengraph/extensions/manage#structured-graphs) graphs. If you're exploring [generic](/opengraph/extensions/manage#generic-graphs) graphs, you can use the **Search** and **Cypher** search methods only.</Note>

<Note>If your account uses [Environment Targeted Access Control (ETAC)](/manage-bloodhound/auth/environment-targeted-access-control), search results and graph data are limited to the environments you can access.</Note>

The **Explore** page provides the following methods for searching for objects and visualizing their relationships:

<CardGroup cols={3}>
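
Review bot: The added ETAC `<Note>` says "search results and graph data are limited" without saying whether that includes the results of raw Cypher queries, which this page presents as a search method alongside Search and Pathfinding. Name the methods it covers, for example "results from Search, Pathfinding, and Cypher are limited to the environments you can access", so the separate ETAC note added further down under Pathfinding is not read as the only place scoping applies. The change also leaves two `<Note>` blocks back to back; consider merging them or placing the access-control one first.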
Expand Down Expand Up @@ -53,9 +55,9 @@ For example, if you want to find a user named "bob", type "bob" in the search bo

### Filter by node type

You can also constrain your search to particular _built-in_ node types (AZ/AD) by prepending your search with the appropriate node label.
You can also constrain your search to particular node types by prepending your search with the appropriate node label.

<Note>Support for filtering by OpenGraph node types is coming at a later date.</Note>
<Tip>This works for both built-in node types (AD/AZ) and OpenGraph node types.</Tip>

For example, use the following search query to find group nodes that contain the word "admin":
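
Review bot: The new `<Tip>` states that label filtering works for OpenGraph node types, but the only example that follows is the built-in `group:admin` query. Add one example that uses an OpenGraph node label so the newly documented behavior is shown, and keep the order of the abbreviations consistent (the removed line used AZ/AD, the Tip uses AD/AZ).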

Expand All @@ -73,7 +75,11 @@ group:admin

The **Pathfinding** tab allows you to discover relationships between objects by finding paths between them. This is particularly useful for investigating potential attack paths across identity providers and cloud services in a single graph view.

<Note>Pathfinding is available for [structured](/opengraph/extensions/manage#structured-graphs) graphs only.</Note>
BloodHound currently supports the **Search** and **Cypher** search methods for OpenGraph data, with support for Pathfinding coming soon. Pathfinding is available for [structured](/opengraph/extensions/manage#structured-graphs) graphs only.

<Note>
When [ETAC](/manage-bloodhound/auth/environment-targeted-access-control) applies to your user account, pathfinding returns data from the environments you can access only.
</Note>

Use cases for the pathfinding search method include:
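
Review bot: The paragraph that replaces the `<Note>` under Pathfinding contradicts itself: it says OpenGraph data supports only Search and Cypher, then says Pathfinding is available for structured graphs, whose link target (/opengraph/extensions/manage#structured-graphs) sits under OpenGraph as well. The Note at the top of the page already states the rule in terms of structured and generic graphs, so keep the original one-line Note here and drop the "coming soon" sentence, which will go stale. In the added ETAC Note, move "only" next to what it restricts: "pathfinding returns data only from the environments you can access".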

Expand Down Expand Up @@ -205,7 +211,7 @@ Use the graph visualization options at the bottom of the **Explore** page to cus

- **Expand**—Maximize the graph view to fill the screen for better visibility

- **Columns**—Search, add and remove columns, reset column size, reset defaults, and pin columns in the table layout
- **Columns**—Search, add/remove, sort, reorder, reset column size, reset defaults, and pin columns in the table layout
</Tab>
</Tabs>

48 changes: 48 additions & 0 deletions docs/analyze-data/posture-page.mdx
Expand Up @@ -9,13 +9,61 @@ The **Posture** page is a simplified reporting dashboard that helps you understa

Filter the view by domain, privilege zone, and time range to assess your overall risk.

<Note>If your account uses [Environment Targeted Access Control (ETAC)](/manage-bloodhound/auth/environment-targeted-access-control), the **Posture** page shows data only for the environments you can access. ETAC does not replace filters such as domain, privilege zone, or time range.</Note>

<Frame>
<img
src="/images/posture_page/page-filter.png"
alt="A view of the Posture page filter options"
/>
</Frame>

## Filters

You can filter the posture view by environment, privilege zone, hygiene, and time range to assess your overall risk and compare trends over time.

Use these filters to focus on specific areas of interest or to track the impact of remediation efforts. For example, you can filter by a specific environment to see how posture has changed in that environment over time, or filter by hygiene findings to track trends in tier-agnostic risks.

### Environment

The environment filter allows you to view posture trends for a specific platform, such as an Active Directory domain or Azure tenant.

This can help you understand how posture is changing within that environment and identify areas that may require additional attention.

You can also filter on severity levels to focus on trends in high-risk Attack Paths. For example, you can filter to show only **CRITICAL** Attack Paths to see how the most severe risks are changing over time.

### Date range

The date range filter allows you to compare posture trends between analysis runs. For example, you can compare the current state of your environment to a previous point in time to see how your risk posture has changed.

Choose from preset ranges or set a custom range to compare specific analysis runs. Custom date ranges include a time picker, so you can set exact start and end times.

<Tip>
For meaningful trend comparisons, use the same filter scope and similar date ranges across reviews.
</Tip>

#### Custom Range

Use a custom time range when you need tighter control over posture trend boundaries for the **Attack Paths** table and posture charts.

The time picker disables future hour selections when the end date is set to today, and manual future end time entries are blocked with an inline validation error.

<Frame>
<img
src="/images/release_notes/9_0_0/time-validation.png"
alt="Screenshot showing the custom range validation improvements, including disabled future hour selections and inline validation error for manual future end time entries"
style={{ width: "70%" }}
/>
</Frame>

After you confirm a valid custom range, posture trend and completeness charts render through the selected end date.

### Chart scale

The chart scale filter allows you to adjust the scale of the posture graphs to better visualize trends. For example, if you have a large number of findings, you may want to use a logarithmic scale to better see changes over time.

The linear scale shows consistent ranges clearly, while the logarithmic scale highlights outliers and wide variations in the data.

## Attack Paths

The **Attack Paths** table displays the Attack Paths with active findings during the selected date range. Each Attack Path shows:
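
Review bot: The new Filters introduction lists "environment, privilege zone, hygiene, and time range", but the subsections that follow are Environment, Date range, and Chart scale, and both the unchanged sentence above and the added ETAC Note still say "domain, privilege zone, and time range". Align the lists and the names: either add Privilege zone and Hygiene subsections or remove them from the introduction, choose one of "time range" and "date range", and choose one of "domain" and "environment". The severity paragraph sits under Environment and reads as a separate filter that needs its own heading. Heading case is also mixed ("#### Custom Range" next to "### Date range" and "### Chart scale").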
Binary file removed docs/assets/image-100.png
Binary file not shown.
Binary file removed docs/assets/image-69.png
Binary file not shown.
Binary file removed docs/assets/image-70.png
Binary file not shown.
Binary file removed docs/assets/image-71.png
Binary file not shown.
Binary file removed docs/assets/image-72.png
Binary file not shown.
Binary file removed docs/assets/image-73.png
Binary file not shown.
Binary file removed docs/assets/image-74.png
Binary file not shown.
Binary file removed docs/assets/image-98.png
Binary file not shown.
Binary file removed docs/assets/image-99.png
Binary file not shown.
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ title: Create a Data Collection Schedule
description: Learn how to configure a SharpHound Enterprise collector client to run data collection on a schedule.
---

import ScanOptions from '/snippets/hounds/scan-options.mdx';

<img noZoom src="/assets/enterprise-edition-pill-tag.svg" alt="Applies to BloodHound Enterprise only"/>

## Purpose
Expand Down Expand Up @@ -52,14 +54,16 @@ The process to create a data collection schedule consists of the following steps
- **Start Date**: The time at which the first collection should run
- **Frequency**: The frequency at which the collection should run
- **Data**: The [type of data](/collect-data/permissions) that the schedule collects
- **Advanced Options**: See [scanning options](/install-data-collector/install-sharphound/tenant-configuration)
- **Advanced Options**:

<Frame>
<img
src="/images/data_collectors/configure-schedule.png"
alt="Configure the schedule details"
/>
</Frame>

<ScanOptions/>

1. Click **Save** in the **Schedule** window.
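
Review bot: The replaced bullet now reads "- **Advanced Options**:" with nothing after the colon, and the `<ScanOptions/>` snippet meant to supply that content is placed after the `<Frame>` screenshot instead of under the bullet. Move `<ScanOptions/>` directly beneath the bullet, indented so it stays inside the list item and the following "1. Click **Save**" step is not detached from its list, or give the bullet a short lead-in that points to the options below the screenshot. Also confirm the snippet covers what the removed link to /install-data-collector/install-sharphound/tenant-configuration pointed to.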
