How NodeZero Enhances Cybersecurity

Teaching hospital insisted on false positive when NodeZero exploited a critical but year-old vulnerability in under one day, but…

It isn’t enough to have to have the security solution. A medical clinic with over 120 providers used best-in-class endpoint detection and response
(EDR) software. Nevertheless, NodeZero quickly identified a device’s Local Security Authority Subsystem Service Process (LSASS), dump and
cracked user credentials, moved laterally, and gained Windows Domain Administrator privileges. The result: full domain rights.

The NodeZero™ platform helps organizations improve SecOps productivity and save on third-party pentest & vulnerability scanner costs. Learn how in the commissioned Forrester Consulting Total Economic Impact™ study. Download the Study

Join this dynamic conversation with Guest Forrester Consultant Luca Son and Horizon3.ai CEO and Co-Founder Snehal Antani. Our featured speakers will explore the findings of the new The Total Economic Impact™ (TEI) of the NodeZero Platform, a study Horizon3.ai commissioned from Forrester Consulting.

You’ll learn about:
The challenges these security teams hoped faced with costly, limited manual pentesting and false positives from vulnerability scanners

The transformation of their cybersecurity programs with NodeZero, including 30% operations time savings, 95% reduction of third-party pentesting costs, and 65% reduction of vulnerability scanning costs

How the Forrester methodology was used to quantify $809K in benefits and a return of $1.63 in value for every dollar spent on NodeZero

Stephen Gates, Principal Security SME at Horizon3.ai and Art Ocain, CISO and Strategic Alliances Management at Airiam discuss:

– Why there is a growing demand for Managed Resiliency Services in todays’ enterprises.
– What Airiam does to help clients improve their business resiliency against cyberattacks.
– How NodeZero™ reduces vulnerabilities by ~50% across Airiam’s entire client base.

Low-Level Vulnerability Leads to Domain Compromise

NodeZero APT: Azure Password Spray to Business Email Compromise

Introduction Memory safety issues have plagued the software industry for decades. The Cybersecurity & Infrastructure Security Agency (CISA) has been leading a charge for secure-by-design and encouraging developers and vendors to utilize memory safe languages like...

Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If you’re a user of Mirth Connect, you’ll want to upgrade to the latest patch release, 4.4.1, as of this writing.

Businesswire 02/07/2023 Proactive Risk, a leading provider of technology risk management solutions, is excited to announce that it has joined the Horizon3.ai Partner Program as an Authorized Service Provider. Read the entire article here

Businesswire 02/02/2023 Horizon3.ai, a leading cybersecurity firm focused on autonomous penetration testing, today issued, “Year in Review 2022: Through the Eyes of the Attacker,” its inaugural edition of the cybersecurity threatscape. Read the entire article...

Businesswire: 12/01/2022 Horizon3.ai, a leading cybersecurity firm focused on autonomous penetration testing, announced its vendor profile is now available to Amazon Web Services (AWS) customers to automate and simplify the software risk assessment process. Read the...

Teaching hospital insisted on false positive when NodeZero exploited a critical but year-old vulnerability in under one day, but…

You’ll learn about:
The challenges these security teams hoped faced with costly, limited manual pentesting and false positives from vulnerability scanners

How the Forrester methodology was used to quantify $809K in benefits and a return of $1.63 in value for every dollar spent on NodeZero

Stephen Gates, Principal Security SME at Horizon3.ai and Art Ocain, CISO and Strategic Alliances Management at Airiam discuss:

Low-Level Vulnerability Leads to Domain Compromise

NodeZero APT: Azure Password Spray to Business Email Compromise

Introduction There has been a lot of news around the recent Cisco IOS XE vulnerabilities CVE-2023-20198 and CVE-2023-2073. Information about this vulnerability was first published by Cisco on October 16th, 2023, and since then we have seen evidence of mass exploitation and implantation. In this post we share our technical insights so far into these vulnerabilities. Cisco IOS XE Architecture...

Introduction This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). In that report, we showed how an attacker could use three different CVEs to achieve remote code execution. During the course of that investigation, we noticed the fix provided by...

On Monday, 16 October, Cisco reported a critical zero-day vulnerability in the web UI feature of its IOS XE software actively being exploited by threat actors to install Remote Access Tools (RATs) and backdoor vulnerable devices exposed on the internet.

A Brand Story Conversation With Sean Martin And Snehal Antani, Co-Founder & CEO At Horizon3.ai

Horizon3.ai Senior Engineer Noah King discusses the journey of obtaining an Offensive Security Certified Professional (OSCP) certification. Whether you're a cybersecurity enthusiast or a beginner looking to explore the field, you'll learn tips and tricks to help you navigate the certification process, including: - How to get started in Offensive Security with little or no prior experience. - An understanding...

Security Strategies

Industry Insights

Attack Research

Attack Content

Security Strategies

Industry Insights

Attack Research

Attack Content

Research Blog

Filters