How NodeZero Enhances Cybersecurity

NodeZero identified those critical few vulnerabilities that are actually exploitable, allowing us to maximize increased security with minimum effort.

As the Information Technology Security Officer for the City of St. Petersburg, FL, Brian Campbell is always on the lookout for ways to elevate the city’s security posture. A cold phone call from Horizon3.ai led to a test run of NodeZero, with its capacity to save time and effort assessing and addressing potential weaknesses.

On 22 January, Fortra issued an advisory stating that versions of its GoAnywhere Managed File Transfer (MFT) product suffer from an authentication bypass vulnerability.

On 16 January, Atlassian released a security advisory concerning CVE-2023-22527 that affects vulnerable out-of-date versions of Confluence Data Center and Server.

Two recent Ivanti CVEs are being actively exploited by suspected nation-state threat actors.

Combining Compromised Credentials Enables Domain Takeover

On February 27, 2024, Progress released a security advisory for OpenEdge, their application development and deployment platform suite. The advisory details that there exists an authentication bypass vulnerability which effects certain components of the OpenEdge...

Introduction On February 19, 2023, ConnectWise published a security advisory for their ScreenConnect remote management tool. In the advisory, they describe two vulnerabilities, an authentication bypass with CVSS 10.0 and a path traversal with CVSS 8.4 (both currently...

NextChat a.k.a ChatGPT-Next-Web, a popular Gen AI ChatBot, is vulnerable to a critical server-side request forgery (SSRF) vulnerability.

Business Wire 08/08/2023 Horizon3.ai, a leading provider of autonomous security solutions, today announced $40M in Series C funding led by Craft Ventures with participation from Signal Fire. With 3x customer growth year-over-year, Horizon3.ai’s NodeZero™ platform has...

Businesswire 06/01/2023 Autonomos.ai has joined forces with Horizon3.ai, a U.S.-based cybersecurity firm, as a fully licensed and Certified Partner to introduce advanced cybersecurity services to the African continent. This partnership aims to provide enterprises,...

Businesswire 03/14/2023 Horizon3.ai, a leading cybersecurity firm specializing in autonomous penetration testing, today launched a major product refresh, doubling down on its commitment to help organizations continuously verify their security posture. Read the entire...

NodeZero identified those critical few vulnerabilities that are actually exploitable, allowing us to maximize increased security with minimum effort.

On 22 January, Fortra issued an advisory stating that versions of its GoAnywhere Managed File Transfer (MFT) product suffer from an authentication bypass vulnerability.

On 16 January, Atlassian released a security advisory concerning CVE-2023-22527 that affects vulnerable out-of-date versions of Confluence Data Center and Server.

Two recent Ivanti CVEs are being actively exploited by suspected nation-state threat actors.

Combining Compromised Credentials Enables Domain Takeover

NextChat a.k.a ChatGPT-Next-Web, a popular Gen AI ChatBot, is vulnerable to a critical server-side request forgery (SSRF) vulnerability.

The NodeZero™ platform helps organizations improve SecOps productivity and save on third-party pentest & vulnerability scanner costs. Learn how in the commissioned Forrester Consulting Total Economic Impact™ study. Download the Study

Join this dynamic conversation with Guest Forrester Consultant Luca Son and Horizon3.ai CEO and Co-Founder Snehal Antani. Our featured speakers will explore the findings of the new The Total Economic Impact™ (TEI) of the NodeZero Platform, a study Horizon3.ai commissioned from Forrester Consulting. You’ll learn about: The challenges these security teams hoped faced with costly, limited manual pentesting and false...

Stephen Gates, Principal Security SME at Horizon3.ai and Art Ocain, CISO and Strategic Alliances Management at Airiam discuss: - Why there is a growing demand for Managed Resiliency Services in todays’ enterprises. - What Airiam does to help clients improve their business resiliency against cyberattacks. - How NodeZero™ reduces vulnerabilities by ~50% across Airiam’s entire client base.

Amidst the hustle and bustle of holiday preparations and last-minute shopping, cybercriminals often take advantage of the increased online activity and spending complacency of individuals and businesses...

Stephen Gates, Principal Security SME at Horizon3.ai and Calvin Engen, Chief Technology Officer, and Managing Partner of F12.net discuss: - Why there is a such growing demand for managed cybersecurity services. - What’s helping F12 clients meet and exceed cybersecurity standards and best practices. - Where Calvin thinks the security industry is headed and what technologies stand out. - How...

Introduction This post is a follow up to https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/. Previously, we explored the patch for CVE-2023-20273 and CVE-2023-20198 affecting Cisco IOS XE and identified some likely vectors an attacker might have used to exploit these vulnerabilities. Now, thanks to SECUINFRA FALCON TEAM’s honeypot, we have further insight into these vulnerabilities. POC See below for an example request that bypasses authentication...

Security Strategies

Industry Insights

Attack Research

Attack Content

Security Strategies

Industry Insights

Attack Research

Attack Content

Research Blog

Filters