How NodeZero Enhances Cybersecurity

As the industry accelerates toward a threat landscape of attack and defense by algorithm and machine, humans must run at machine speed to manage the stakes of tool misconfiguration, mishandling of logs, and missed patching opportunities. The NodeZero app for Splunk is a force multiplier—combining attacker insights into your unique environment with your existing Splunk data and workflows to enable cybersecurity teams to proactively find and fix internal and external attack vectors before they are exploited.

NodeZero is the world’s leading autonomous pentesting solution—a true continuous pentesting SaaS offering that is safe to run in production and requires no persistent or credentialed agents.

NodeZero, discovered a customer’s host that had not appeared in previous pentests due to a small change in their configuration.

In this session, Noah and his mentors will not only explore why the Kerberoasting attack technique is so pervasive and how you can configure Kerberos better to avoid these attacks, but also alternative setups that allow you to avoid Kerberoasting altogether.

Apache Superset is an open source data visualization and exploration tool. It has over 50K stars on GitHub, and there are more than 3000 instances of it exposed to the Internet. In our research, we found that a substantial portion of these servers - at least 2000...

Overview On 8 March 2023, PaperCut released new versions for their enterprise print management software, which included patches for two vulnerabilities: CVE-2023-27350 and CVE-2023-27351. The PaperCut security advisory details CVE-2023-27350 as a vulnerability that...

NodeZero is the world’s leading autonomous pentesting solution—a true continuous pentesting SaaS offering that is safe to run in production and requires no persistent or credentialed agents.

NodeZero, discovered a customer’s host that had not appeared in previous pentests due to a small change in their configuration.

Podcast Channel of AST Cybersecurity: 05/25/22. Horizon3.ai CEO and co-founder Snehal Antani joins Ravi Das to discuss the cybersecurity challenges of the healthcare industry.

XorDdos Is continuing to hunt servers with weak passwords. According to a recent post from Microsoft, there’s been a 254% increase in activity from XorDdos – an eight-year-old network of infected Linux machines used for DDoS attacks.

Horizon3.ai news, including an award nomination, plus cybersecurity updates for education and M&A.

The Log4Shell RCE vulnerability in Apache Log4j, CVE-2021-44228, dates to 2013 when Log4j 2.0-beta9 was released. An analysis of our pentesting data using NodeZero identified and provided proof of exploit for over 105 unique instances of the CVE within our customers’ environments.

Noah King, Brad Hong, and Jake Murphy were back at it again with this third installment of 'The Attackers Journey'. This series has focused on Noah King on his journey to become an ethical hacker. Pt. 3 was no different, with a focus on Server-Side Request Forgery!

It took just two days for a pair of researchers from Horizon3.ai to discover exploits for the new F5 BIG-IP vulnerability, and have called for devices to be immediately updated to protect against bad actors.

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

No Results Found

No Results Found

No Results Found

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

No Results Found

No Results Found

No Results Found

Research Blog

Filters