Blogs
SEARCH
CATEGORIES
TAGS
NodeZero Insights™: Proof Over Promises in Cybersecurity
December 17, 2024
Discover how NodeZero Insights™ delivers actionable, continuous proof of security progress, empowering leaders to find, fix, and verify risks.
Why You Need NodeZero™ Kubernetes Pentesting to Secure Your Containers
Secure your Kubernetes clusters with NodeZero’s autonomous pentesting – proactive, continuous testing to identify vulnerabilities before attackers do.
Mastering Cloud Security: Uncovering Hidden Vulnerabilities with NodeZero™
August 21, 2024
Master cloud security with NodeZero™ Cloud Pentesting. Easily uncover vulnerabilities across AWS and Azure, prioritize identity risks, and secure your environment in just minutes. Stay ahead of threats.
Ensuring Cybersecurity: Horizon3.ai’s Rapid Response Service in Action
July 10, 2024
How Horizon3.ai's Rapid Response Identified and Mitigated a Critical Mirth Connect Vulnerability A key consideration in cybersecurity is determining whether a known software vulnerability is actually exploitable. This often depends on how and where the at-risk software is deployed in your environment. To address the need to find what’s exploitable, Horizon3.ai developed and recently unveiled…
Enhancing Vulnerability Management: Integrating Autonomous Penetration Testing
June 17, 2024
Traditional vulnerability scanning tools are enhanced with NodeZero's autonomous penetration testing, revolutionizing Vulnerability Management by providing comprehensive risk assessment, exploitability analysis, and cross-host vulnerability chaining, empowering organizations to prioritize and mitigate security weaknesses strategically.
NodeZero: Testing for Exploitability of Palo Alto Networks CVE-2024-3400
April 25, 2024
On April 12 (and then updated again on April 20), Palo Alto Networks released an advisory about a vulnerability in the PAN-OS® software that runs Palo Alto Networks® Next-Generation Firewalls (NGFWs).
CVE-2024-21893: Another Ivanti Vulnerability Exploited in the Wild. Verify with NodeZero Today!
February 5, 2024
On 22 January, Ivanti published an advisory stating that they discovered two new, high-severity vulnerabilities (CVE-2024-21888 and CVE-2024-21893) after researching previously reported vulnerabilities affecting Ivanti Connect Secure, Ivanti Policy Secure and ZTA gateways. Ivanti provides enterprise solutions, including patch management and IT security solutions to over 40,000 customers worldwide. While there is no evidence of…
Gone Phishing: How an Intern’s Credentials can be a Gateway to Your Crown Jewels
February 5, 2024
“Who cares that the intern was phished during our phishing campaign? It’s an intern, they don't have access to anything important."
CVE-2024-23897: Check Critical Jenkins Arbitrary File Leak Vulnerability Now!
January 30, 2024
On 24 January 2024, the Jenkins team issued a security advisory disclosing a critical vulnerability that affects the Jenkins CI/CD tool. Jenkins is a Java-based open-source automation server run by over 1 million users that helps developers build, test and deploy applications, enabling continuous integration and continuous delivery. The critical vulnerability is tracked as CVE-2024-23897…
CVE-2024-0204: Check Critical Fortra GoAnywhere MFT Authentication Bypass with NodeZero™️ Now!
January 24, 2024
On 22 January, Fortra issued an advisory stating that versions of its GoAnywhere Managed File Transfer (MFT) product suffer from an authentication bypass vulnerability.