How NodeZero Enhances Cybersecurity

NodeZero helps JTI Cybersecurity scale by automating penetration testing, finding vulnerabilities, and enhancing client security efficiently and effectively.

In an increasingly interconnected world, where digital technologies infiltrate every aspect of society, vulnerabilities in these systems can be exploited by malicious actors to disrupt emergency services, compromise sensitive information, or even endanger lives.

Horizon3.ai’s Stephen Gates & Legion Cyberworks CEO Clayton Dillard discuss Legion’s shift to managed services & blending #NodeZero for security.

A 8-step guide to strengthening cybersecurity post-breach with autonomous pentesting and continuous risk assessment using NodeZero.

As cyber attacks become increasingly complex, sophisticated, and more frequent, security teams need to be able to identify attacks faster and with higher accuracy. But users report that current detection workflows have high set-up and maintenance needs and introduce lots of noise and time-consuming false-positives. In this session, we highlight new approaches to overcome those drawbacks:

– Why rapid threat detection is increasingly critical for every security team in today’s threat landscape.
– A new approach to threat detection that doesn’t increase your team’s workload.
– A preview of how NodeZero Tripwires helps you detect threats faster and accurately.

NodeZero APT: Azure Password Spray to Business Email Compromise

On September 10, 2024, Ivanti released a security advisory for a command injection vulnerability for it's Cloud Service Appliance (CSA) product. Initially, this CVE-2024-8190 seemed uninteresting to us given that Ivanti stated that it was an authenticated...

Business Wire 09/19/2024 Horizon3.ai, a global leader in autonomous security, announces that Nicholas Warner has joined its board as an Independent Director. Warner brings over two decades of cybersecurity experience, marked by a proven track record in scaling...

Business Wire 09/10/2024 Horizon3.ai, a global leader in autonomous security solutions, today unveiled NodeZero Tripwires™, an addition to its product suite that integrates attack detection directly into the penetration testing process. This first-of-its-kind solution...

Business Wire 08/13/2024 Horizon3.ai, a global leader in autonomous security solutions for both public and private sectors, today announced their partnership with FedHIVE, a leading cloud service offering for federal agencies, government contractors, and commercial...

NodeZero helps JTI Cybersecurity scale by automating penetration testing, finding vulnerabilities, and enhancing client security efficiently and effectively.

Horizon3.ai’s Stephen Gates & Legion Cyberworks CEO Clayton Dillard discuss Legion’s shift to managed services & blending #NodeZero for security.

A 8-step guide to strengthening cybersecurity post-breach with autonomous pentesting and continuous risk assessment using NodeZero.

NodeZero APT: Azure Password Spray to Business Email Compromise

On August 13, 2024, SolarWinds released a security advisory for Web Help Desk (WHD) that detailed a deserialization remote code execution vulnerability. This vulnerability, CVE-2024-28986, was added to CISA’s Known Exploited Vulnerability (KEV) catalog two days later on August 15, 2024. The advisory states: SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution...

On September 10, 2024, Ivanti released a security advisory for a command injection vulnerability for it’s Cloud Service Appliance (CSA) product. Initially, this CVE-2024-8190 seemed uninteresting to us given that Ivanti stated that it was an authenticated vulnerability. Shortly after on September 13, 2024, the vulnerability was added to CISA’s Known Exploited Vulnerabilities (KEV). Given it was now exploited in...

Update: 2024-09-16 We initially wrote this post in reference to CVE-2024-29847, however this post actually describes CVE-2023-28324. We had incorrectly assumed that the SU5 update was comprehensive which resulted in us mistaking CVE-2023-28324 for CVE-2024-29847. The content of this blog has been updated accordingly. Introduction Ivanti Endpoint Manager (EPM) is an enterprise endpoint management solution that allows for centralized management...

This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces platform after a recently reported potential breach.

Security Strategies

Industry Insights

Attack Research

Attack Content

Security Strategies

Industry Insights

Attack Research

Attack Content

Research Blog

Filters