How NodeZero Enhances Cybersecurity

Art Ocain, Field CISO at Airiam, and Naveen Sunkavally, Chief Architect at Horizon3.ai join forces in this webinar, where you will gain an in-depth understanding of threat actors and their tactics through a LIVE attack simulation.

In Horizon3.ai’s three years of operation, we have conducted more than 15,000 pentests yielding results for our clients and data for our engineers. Join our CEO, Snehal Antani, for stories from the trenches.

This month we’ll take a look at the Log4shell example, and learn about how the distinction between being vulnerable and being exploitable is so important.

During this session we’ll also look at how AI powered Autonomous Pentesting finally gives organizations the ability to pentest themselves at scale to quickly identify their exploitable attack surface.

Over the last week, the widely reported critical security flaw in the Progress MOVEit Transfer application (CVE-2023-34362) reminded us yet again to remain vigilant in securing our IT infrastructure from potential cyber threat actors.

The Jerry machine from the Hack The Box platform nicely illustrates the danger of weak and default credentials.

Introduction Back in Aug. 2023 we released an advisory for CVE-2023-39143, a critical vulnerability that affects Windows installs of the PaperCut NG/MF print management software. Attackers can exploit this vulnerability to download and delete arbitrary files, and in...

Since introducing NTLM coercion techniques such as PetitPotam into the NodeZero platform, we frequently have security practitioners request help understanding these techniques and what impact they have to their enterprise. There is a lack of concise resources to...

Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If you’re a user of Mirth Connect, you’ll want to upgrade to the latest patch release, 4.4.1, as of this writing.

Business Wire: 06/06/22 Horizon3.ai is proud to announce its NodeZero Autonomous Penetration Testing has won the Best Penetration Test Solution Award from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine. Read entire...

Business Wire: 06/01/22 Horizon3.ai, a cybersecurity firm focused on autonomous penetration testing, today announced it has extended the capabilities of its NodeZero platform to include external penetration testing. With this enhancement, Horizon3.ai is the first...

Business Wire: 05/23/22 Horizon3.ai, a cybersecurity firm focused on autonomous penetration testing, today announced the appointment of Chris Hill as the Sector Head for Public Sector, Federal. Hill will execute Horizon3.ai’s vision for creating a better, more secure...

This month we’ll take a look at the Log4shell example, and learn about how the distinction between being vulnerable and being exploitable is so important.

The Jerry machine from the Hack The Box platform nicely illustrates the danger of weak and default credentials.

On May 31, 2023, Progress released a security advisory for their MOVEit Transfer application which detailed a SQL injection leading to remote code execution and urged customers to update to the latest version. The vulnerability, CVE-2023-34362, at the time of release was believed to have been exploited in-the-wild as a 0-day dating back at least 30 days. Soon after publication,...

Gartner® recently published a report called, Emerging Tech: Grow Your Security Service Revenue with Cybersecurity Validations. We believe the report provides research from a buyer’s perspective on security services they purchase while offering guidance to MSPs and MSSPs on how to improve retention and upsell rates of the critical services they provide. So, what has Gartner discovered, and what do...

In early 2023, CISA launched their Ransomware Vulnerability Awareness Pilot (RVWP). It’s designed to warn critical infrastructure (CI) entities that their systems have exposed vulnerabilities that may be exploited by ransomware threat actors. The plan is to identify affected systems that may be prevalent in CI networks, then notify operators about potential risk of exploitation. The idea behind this is...

Hear directly from Zach Hanley, one of Horizon3.ai's founding engineers as he walks you through a recent critical vulnerability case study. He is joined on this session by Scott Friedman, one of our Sales Engineers.

Hear directly from two of Horizon3.ai's founding engineers - Naveen Sunkavally, Chief Architect, and Rob Alderman, Data Architect - as they walk you through an exclusive tour of NodeZero's latest product refresh.

Apache Superset is an open source data visualization and exploration tool. It has over 50K stars on GitHub, and there are more than 3000 instances of it exposed to the Internet. In our research, we found that a substantial portion of these servers – at least 2000 (two-thirds of all servers) – are running with a dangerous default configuration. As...

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

Research Blog

Filters