Defense in Depth

The best time to start hardening your systems was 3 years ago… the next best time to start is NOW.

Broadly Accepted Security Principles

  • Assume the attacker will gain initial access, and focus your defenses on stifling the establishment of Command & Control, lateral movement, privilege escalation, and data exfiltration
  • Proactively harden your systems by quickly finding, fixing, and verifying the remediation of exploitable attack paths
  • “Train like you fight” to identify weaknesses in your security controls PRIOR to a breach

A security testing strategy to complement your defense-in-depth strategy:

  • Continuously executed unauthenticated pentests (both internal & external) to identify ways an attacker can access your "crown jewels" data & systems with minimal effort
  • Execute no-notice pentests to measure and improve the reaction time of your SOC or MSSP
  • Execute yes-notice pentests and collaborate with the SOC and IT Operations to harden your systems, operating as a purple team

Defense in Depth

Layered assessments are critical for your cybersecurity strategy, now more than ever. Starting with primary defenses and layering to more advanced defensive measures is a form of ‘Defense in Depth’ that has proven to work.

Defense in Depth Whitepaper

Layered Defenses Require Layered Assessments.

“Layered Assessments” – focusing on attack vectors that pose ongoing risk in a rapidly changing network and application environment – allow organizations to test defenses and adjust quickly when weaknesses are identified. They leverage automation to frequently assess attack patterns used most frequently by attackers, reserving scarce and more expensive security resources to assess lesser used attack patterns. Layered Assessments allow organizations to scale assessments across their entire portfolio.

Download the entire whitepaper to learn more.


Traditional pentests, whether automated or manual, present several challenges to organizations:

  • Incomplete: More time yields a more complete test, but is also more expensive. To compensate for this, the attackers are often provided credentials to accelerate the tests.
  • Scalability: A thorough manual pentest often costs $30,000 to $50,000 per engagement. This limits manual pentests to infrequent assessments.
  • Timeliness: Manual pentests are measured in weeks. Attackers are always present and evolving their tactics.
  • Remediation: Results are filled with false positives and contain little remediation information, and they offer just a point-in-time representation of a system’s security.
Real Adversaries Seek Minimum Effort
They look for attack vectors that allow deeper reconnaissance, then chain weaknesses to gain credentials, escalate privileges and execute attacks.

Autonomous Red Teaming

Reconnaissance

The first step in an assessment is to map and catalog the environment. NodeZero starts with unauthenticated access to the system, then creates a Knowledge Graph that identifies all hosts, misconfigurations, and open ports, and searches for credentials.

Impact

Like a determined attacker, NodeZero surfaces data at risk across physical and virtual environments it was able to access with read/write privileges, including SMB shares, NFS shares, FTP shares, cloud storage, vCenter servers, and databases.

Maneuver Loop

NodeZero acts as an Advanced Persistent Threat (APT), orchestrating over 100 offensive tools to harvest credentials, exploit vulnerabilities, and exploit defaults and misconfigurations to execute attacks.

Contextual Scoring

Instead of relying on CVSS scores, NodeZero evaluates each weakness by its role in the successful attack. Organizations can quickly identify which weaknesses present the greatest threat and must be addressed immediately, and which can be safely deferred.

Verified Attack Paths

The results are provided as “Proofs” with graphical and textual representations of each step of a successful attack, including tactics used, how credentials were obtained, paths taken to gain privileges, and access to systems.

Actionable Remediation

NodeZero provides precise and actionable remediation guidance, allowing security and operations to resolve issues at the root cause.

NodeZero Enables Continuous, Autonomous Assessments.

NodeZero is a true self-service SaaS offering that is safe to run in production and requires no persistent or credentialed agents. It assesses systems as would a manual pentester, but faster, more completely, and with more actionable results. By starting with unauthenticated access to a system, NodeZero mimics the approach used by your adversaries.

Get a Demo of NodeZero

Find out how Horizon3.ai can uncover your weaknesses—and empower you to fix them before attackers exploit them.
