Horizon3.ai

This Red vs. Blue approach to cybersecurity is unsustainable, and often does more harm than good. The goal should be Red AND Blue, working together.

During our assessment of the ResourceSpace code base, we found three new vulnerabilities that could be exploited by an unauthenticated attacker. The most critical is CVE-2021-41765, a pre-auth SQL injection that an attacker can abuse to gain remote code execution (RCE) privileges on the ResourceSpace server.

Are your credential policies implemented right? Are your enterprise accounts configured correctly? How do you know? Most phishing, ransomware, and credential attacks start by gaining access to a host and compromising a domain user (Credential Attacks – Horizon3.ai). With a credential in hand, an attacker can persist and pervade, appearing like a legitimate user and…

While so many are focused on vulnerabilities and malware on endpoints, understanding the attack paths an attacker would exploit to hold your business and brand at risk is key.

The hardest part of cyber security is deciding what NOT to do. Being vulnerable doesn’t mean you’re exploitable.

Credential attacks bypass traditional defenses and cause billions in damage. Learn why they work, what’s at risk, and how Horizon3.ai helps fix what matters.

Learn why regulatory compliance is not enough for true cybersecurity. Discover how continuous automated pentesting and network segmentation help you move beyond check-the-box security.

Being a #learnitall, Lesson 1: Be Open to Be Wow’d Most of the startup advice out there is pretty clear: get feedback early and often. Customer input is invaluable to delivering iter0, your MVP, feature releases that matter, bug fixes, utility and simplicity. In Customer Success, a lot of the job is review and advise so…

In the world of network security, compliance is the bare minimum. Compliance is locking your door, but what about your windows?