Higher Education Organization Improves Cybersecurity Posture with NodeZero Nov 16, 2022When the director of technology for a higher education organization went looking for a better way to identify and prioritize security weaknesses on the school’s servers and networks, his first interaction with Horizon3.ai and NodeZero started off with an impressive bang. “I wanted to see proof of concept, and Horizon3.ai solved one of our biggest security holes because of that PoC,”
Vulnerable ≠ Exploitable: A lesson on prioritization Sep 13, 2022Pen testers, vulnerability scanners, and installed agents alert on potential vulnerabilities and breaches. You receive a list, or a notification, and you respond. Ever wonder how much of your time and effort is being wasted fixing things that don’t actually matter?
NodeZero: Testing for Exploitability of Palo Alto Networks CVE-2024-3400 Apr 25, 2024On April 12 (and then updated again on April 20), Palo Alto Networks released an advisory about a vulnerability in the PAN-OS® software that runs Palo Alto Networks® Next-Generation Firewalls (NGFWs).
Fireside Chat: Horizon3.ai and JTI Cybersecurity Apr 17, 2024Horizon3.ai Principal Security SME Stephen Gates and JTI Cybersecurity Principal Consultant Jon Isaacson discuss: – What JTI does to validate things like access control, data loss prevention, ransomware protection, and intrusion detection approaches. – How #pentesting and red team exercises allow orgs to validate the effectiveness of their security controls. – Why offensive operations work best to discover and mitigate exploitable vulnerabilities in their client’s infrastructures.
No waiting, no wondering: Streamline your PCI pentesting process with Horizon3.ai Apr 3, 2024Demand for #pentesting expertise is at an all-time high, and many orgs are struggling to meet their annual requirements for the PCI DSS v4.0. This webinar explains how our services fulfill your pentesting requirements and help you streamline your remediation efforts.
Apache ActiveMQ RCE Leads to Domain Compromise Pervasive CISA Known Exploited Vulnerability Enables Initial Access
CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive May 28, 2024In November of 2023, preparing for a call for papers, I attempted to investigate the FortiSIEM patch for CVE-2023-34992. I kindly inquired with the PSIRT if I could have access to the most recent versions to some of their appliances to validate the patches, to which...
On-Prem Misconfigurations Lead to Entra Tenant Compromise May 20, 2024As enterprises continue to transition on-premises infrastructure and information systems to the cloud, hybrid cloud systems have emerged as a vital solution, balancing the benefits of both environments to optimize performance, scalability, and ease of change on users...
CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive In November of 2023, preparing for a call for papers, I attempted to investigate the FortiSIEM patch for CVE-2023-34992. I kindly inquired with the PSIRT if I could have access to the most recent versions to some of their appliances to validate the patches, to which...
Horizon3.ai Garners Spot in 2024 CRN® Partner Program Guide Mar 25, 2024Business Wire 03/25/2024 Horizon3.ai, a pioneer in autonomous security solutions, has been honored by CRN®, a brand of The Channel Company, with inclusion in its 2024 Partner Program Guide. This annual guide provides essential information to solution providers...
Horizon3.ai Unveils Pentesting Services for Compliance Ahead of PCI DSS v4.0 Rollout Mar 5, 2024Business Wire 03/05/2024 Horizon3.ai, a pioneer in autonomous security solutions, today announced the availability of the Horizon3.ai Pentesting Services for Compliance. Horizon3.ai recognizes that demand for pentesting expertise is at an all-time high... Read the...
Horizon3.ai Unveils Phishing Impact Testing to Help Organizations Understand the Impact of Phished Credentials Feb 7, 2024Business Wire 02/07/2024 Horizon3.ai, a pioneer in autonomous security solutions, today announced the launch of its first-to-market Phishing Impact test capability within NodeZero™. This new capability marks a significant... Read the entire article here
14 January Prove the impact of cybersecurity investments—holistically and continuouslyProve the impact of cybersecurity investments—holistically and continuously1:00 pmZoom Webinar
Higher Education Organization Improves Cybersecurity Posture with NodeZero Nov 16, 2022When the director of technology for a higher education organization went looking for a better way to identify and prioritize security weaknesses on the school’s servers and networks, his first interaction with Horizon3.ai and NodeZero started off with an impressive bang. “I wanted to see proof of concept, and Horizon3.ai solved one of our biggest security holes because of that PoC,”
Vulnerable ≠ Exploitable: A lesson on prioritization Sep 13, 2022Pen testers, vulnerability scanners, and installed agents alert on potential vulnerabilities and breaches. You receive a list, or a notification, and you respond. Ever wonder how much of your time and effort is being wasted fixing things that don’t actually matter?
NodeZero: Testing for Exploitability of Palo Alto Networks CVE-2024-3400 Apr 25, 2024On April 12 (and then updated again on April 20), Palo Alto Networks released an advisory about a vulnerability in the PAN-OS® software that runs Palo Alto Networks® Next-Generation Firewalls (NGFWs).
Fireside Chat: Horizon3.ai and JTI Cybersecurity Apr 17, 2024Horizon3.ai Principal Security SME Stephen Gates and JTI Cybersecurity Principal Consultant Jon Isaacson discuss: – What JTI does to validate things like access control, data loss prevention, ransomware protection, and intrusion detection approaches. – How #pentesting and red team exercises allow orgs to validate the effectiveness of their security controls. – Why offensive operations work best to discover and mitigate exploitable vulnerabilities in their client’s infrastructures.
No waiting, no wondering: Streamline your PCI pentesting process with Horizon3.ai Apr 3, 2024Demand for #pentesting expertise is at an all-time high, and many orgs are struggling to meet their annual requirements for the PCI DSS v4.0. This webinar explains how our services fulfill your pentesting requirements and help you streamline your remediation efforts.
Apache ActiveMQ RCE Leads to Domain Compromise Pervasive CISA Known Exploited Vulnerability Enables Initial Access
CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive May 28, 2024In November of 2023, preparing for a call for papers, I attempted to investigate the FortiSIEM patch for CVE-2023-34992. I kindly inquired with the PSIRT if I could have access to the most recent versions to some of their appliances to validate the patches, to which...
On-Prem Misconfigurations Lead to Entra Tenant Compromise May 20, 2024As enterprises continue to transition on-premises infrastructure and information systems to the cloud, hybrid cloud systems have emerged as a vital solution, balancing the benefits of both environments to optimize performance, scalability, and ease of change on users...
CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive In November of 2023, preparing for a call for papers, I attempted to investigate the FortiSIEM patch for CVE-2023-34992. I kindly inquired with the PSIRT if I could have access to the most recent versions to some of their appliances to validate the patches, to which...
Horizon3.ai Garners Spot in 2024 CRN® Partner Program Guide Mar 25, 2024Business Wire 03/25/2024 Horizon3.ai, a pioneer in autonomous security solutions, has been honored by CRN®, a brand of The Channel Company, with inclusion in its 2024 Partner Program Guide. This annual guide provides essential information to solution providers...
Horizon3.ai Unveils Pentesting Services for Compliance Ahead of PCI DSS v4.0 Rollout Mar 5, 2024Business Wire 03/05/2024 Horizon3.ai, a pioneer in autonomous security solutions, today announced the availability of the Horizon3.ai Pentesting Services for Compliance. Horizon3.ai recognizes that demand for pentesting expertise is at an all-time high... Read the...
Horizon3.ai Unveils Phishing Impact Testing to Help Organizations Understand the Impact of Phished Credentials Feb 7, 2024Business Wire 02/07/2024 Horizon3.ai, a pioneer in autonomous security solutions, today announced the launch of its first-to-market Phishing Impact test capability within NodeZero™. This new capability marks a significant... Read the entire article here
14 January Prove the impact of cybersecurity investments—holistically and continuouslyProve the impact of cybersecurity investments—holistically and continuously1:00 pmZoom Webinar
