Higher Education Organization Improves Cybersecurity Posture with NodeZero Nov 16, 2022When the director of technology for a higher education organization went looking for a better way to identify and prioritize security weaknesses on the school’s servers and networks, his first interaction with Horizon3.ai and NodeZero started off with an impressive bang. “I wanted to see proof of concept, and Horizon3.ai solved one of our biggest security holes because of that PoC,”
Vulnerable ≠ Exploitable: A lesson on prioritization Sep 13, 2022Pen testers, vulnerability scanners, and installed agents alert on potential vulnerabilities and breaches. You receive a list, or a notification, and you respond. Ever wonder how much of your time and effort is being wasted fixing things that don’t actually matter?
Fireside Chat: Horizon3.ai and Moravian University Feb 8, 2024 Horizon3.ai Principal Security SME Stephen Gates and Moravian University Director of Information Security James Beers discuss: – How James measures cyber risk within their constantly changing educational environment – What kinds of attacker TTPs are the most worrisome to organizations in higher education – Why an offensive approach to discover and mitigate exploitable vulnerabilities works best
CVE-2024-21893: Another Ivanti Vulnerability Exploited in the Wild. Verify with NodeZero Today! Feb 5, 2024On 22 January, Ivanti published an advisory stating that they discovered two new, high-severity vulnerabilities (CVE-2024-21888 and CVE-2024-21893) after researching previously reported vulnerabilities affecting Ivanti Connect Secure, Ivanti Policy Secure and ZTA...
Gone Phishing: How an Intern’s Credentials can be a Gateway to Your Crown Jewels Feb 5, 2024“Who cares that the intern was phished during our phishing campaign? It’s an intern, they don’t have access to anything important.”
NodeZero Pivots Through Your Network with the Attacker’s Perspective A NodeZero autonomous attack that leveraged two weaknesses to achieve domain compromise in 33 minutes, 9 seconds.
On-Prem Misconfigurations Lead to Entra Tenant Compromise May 20, 2024As enterprises continue to transition on-premises infrastructure and information systems to the cloud, hybrid cloud systems have emerged as a vital solution, balancing the benefits of both environments to optimize performance, scalability, and ease of change on users...
CVE-2023-34992: Fortinet FortiSIEM Command Injection Deep-Dive May 20, 2024In early 2023, given some early success in auditing Fortinet appliances, I continued the effort and landed upon the Fortinet FortiSIEM. Several issues were discovered during this audit that ultimately lead to unauthenticated remote code execution in the context of the...
CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive In November of 2023, preparing for a call for papers, I attempted to investigate the FortiSIEM patch for CVE-2023-34992. I kindly inquired with the PSIRT if I could have access to the most recent versions to some of their appliances to validate the patches, to which...
Horizon3.ai Appoints Torie Runzel as Vice President of People Jan 8, 2024Business Wire 01/08/2024 Horizon3.ai, a leading provider of autonomous security solutions, today announced that Torie Runzel has joined as Vice President of People, effective immediately... Read the entire article here
Horizon3.ai Closes Out 2023 With Numerous Honors and Accolades Dec 21, 2023Business Wire 12/21/2023 Horizon3.ai, a leading provider of autonomous security solutions, celebrated 2023, a break-out year in which the company was honored with numerous recognitions and prestigious honors... Read the entire article here
Horizon3.ai Recognized as a Fastest-Growing Cybersecurity Company on the Fortune Cyber 60 List Dec 18, 2023Business Wire 12/18/2023 Horizon3.ai, a leading provider of autonomous security solutions, today announced that it has been named to the Fortune Cyber 60 2023 list. The Fortune Cyber 60 is a new listing of the most important venture-backed startups that offer...
12 November Maximizing Offensive Security: Addressing Shortcomings and Improving EffectivenessMaximizing Offensive Security: Addressing Shortcomings and Improving Effectiveness3:30 pmZoom Webinar
21 November Information Security ForumInformation Security Forum7:30 amOmni Boston Hotel at the Seaport
12 December Uncover Kubernetes Security Weaknesses with NodeZero™Uncover Kubernetes Security Weaknesses with NodeZero™1:00 pmZoom Webinar
Higher Education Organization Improves Cybersecurity Posture with NodeZero Nov 16, 2022When the director of technology for a higher education organization went looking for a better way to identify and prioritize security weaknesses on the school’s servers and networks, his first interaction with Horizon3.ai and NodeZero started off with an impressive bang. “I wanted to see proof of concept, and Horizon3.ai solved one of our biggest security holes because of that PoC,”
Vulnerable ≠ Exploitable: A lesson on prioritization Sep 13, 2022Pen testers, vulnerability scanners, and installed agents alert on potential vulnerabilities and breaches. You receive a list, or a notification, and you respond. Ever wonder how much of your time and effort is being wasted fixing things that don’t actually matter?
Fireside Chat: Horizon3.ai and Moravian University Feb 8, 2024 Horizon3.ai Principal Security SME Stephen Gates and Moravian University Director of Information Security James Beers discuss: – How James measures cyber risk within their constantly changing educational environment – What kinds of attacker TTPs are the most worrisome to organizations in higher education – Why an offensive approach to discover and mitigate exploitable vulnerabilities works best
CVE-2024-21893: Another Ivanti Vulnerability Exploited in the Wild. Verify with NodeZero Today! Feb 5, 2024On 22 January, Ivanti published an advisory stating that they discovered two new, high-severity vulnerabilities (CVE-2024-21888 and CVE-2024-21893) after researching previously reported vulnerabilities affecting Ivanti Connect Secure, Ivanti Policy Secure and ZTA...
Gone Phishing: How an Intern’s Credentials can be a Gateway to Your Crown Jewels Feb 5, 2024“Who cares that the intern was phished during our phishing campaign? It’s an intern, they don’t have access to anything important.”
NodeZero Pivots Through Your Network with the Attacker’s Perspective A NodeZero autonomous attack that leveraged two weaknesses to achieve domain compromise in 33 minutes, 9 seconds.
On-Prem Misconfigurations Lead to Entra Tenant Compromise May 20, 2024As enterprises continue to transition on-premises infrastructure and information systems to the cloud, hybrid cloud systems have emerged as a vital solution, balancing the benefits of both environments to optimize performance, scalability, and ease of change on users...
CVE-2023-34992: Fortinet FortiSIEM Command Injection Deep-Dive May 20, 2024In early 2023, given some early success in auditing Fortinet appliances, I continued the effort and landed upon the Fortinet FortiSIEM. Several issues were discovered during this audit that ultimately lead to unauthenticated remote code execution in the context of the...
CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive In November of 2023, preparing for a call for papers, I attempted to investigate the FortiSIEM patch for CVE-2023-34992. I kindly inquired with the PSIRT if I could have access to the most recent versions to some of their appliances to validate the patches, to which...
Horizon3.ai Appoints Torie Runzel as Vice President of People Jan 8, 2024Business Wire 01/08/2024 Horizon3.ai, a leading provider of autonomous security solutions, today announced that Torie Runzel has joined as Vice President of People, effective immediately... Read the entire article here
Horizon3.ai Closes Out 2023 With Numerous Honors and Accolades Dec 21, 2023Business Wire 12/21/2023 Horizon3.ai, a leading provider of autonomous security solutions, celebrated 2023, a break-out year in which the company was honored with numerous recognitions and prestigious honors... Read the entire article here
Horizon3.ai Recognized as a Fastest-Growing Cybersecurity Company on the Fortune Cyber 60 List Dec 18, 2023Business Wire 12/18/2023 Horizon3.ai, a leading provider of autonomous security solutions, today announced that it has been named to the Fortune Cyber 60 2023 list. The Fortune Cyber 60 is a new listing of the most important venture-backed startups that offer...
12 November Maximizing Offensive Security: Addressing Shortcomings and Improving EffectivenessMaximizing Offensive Security: Addressing Shortcomings and Improving Effectiveness3:30 pmZoom Webinar
21 November Information Security ForumInformation Security Forum7:30 amOmni Boston Hotel at the Seaport
12 December Uncover Kubernetes Security Weaknesses with NodeZero™Uncover Kubernetes Security Weaknesses with NodeZero™1:00 pmZoom Webinar
