Fortifying the Defense Industrial Base (DIB): NodeZero® for Supply Chain Security

NSA Cybersecurity Collaboration Center and Horizon3.ai are working together to elevate the security posture of the Defense Industrial Base (DIB) suppliers.

Learn More at NSA.gov

What is the CAPT program?

The NSA’s Continuous Autonomous Penetration Testing (CAPT) program, powered by Horizon3.ai’s NodeZero®, identifies exploitable vulnerabilities across DIB suppliers’ IT infrastructures. With ongoing, intelligence-driven cyber risk assessments, NodeZero reinforces critical infrastructures, bolstering national supply chain security.

How does the program work?

Horizon3.ai manages enrollment, onboarding, and activation onto the NodeZero platform, enabling DIB suppliers to quickly launch self-service pentests. These tests help meet compliance, strengthen security, and eliminate costly consulting engagements. This benefits the taxpayer, DoD, and DIB suppliers alike.
Dowload the Whitepaper
Open Quote Streamline Icon: https://streamlinehq.com

Before the NSA launched CAPT, the DIB was dangerously exposed, with many critical vulnerabilities unchecked. Now, program participants have closed 71% of critical findings within 30 days, moving from 1-2 pentests a year to several each month. This isn’t just compliance; it’s ownership of national security. The DIB is now proactively defending the nation’s safety.

– Snehal Antani, CEO and Co-Founder Horizon3.ai

How does this benefit my business?

Cog Search Streamline Icon: https://streamlinehq.com
Free, world-class pentesting to help you uncover your most vulnerable areas
Customer Relationship Management Performance Metrics Streamline Icon: https://streamlinehq.com
User-friendly interface with simplified remediation guidance and reporting
Automatic Mode 2 Streamline Icon: https://streamlinehq.com
Continuous and safe risk assessments that complete in hours, not days
List Numbers Streamline Icon: https://streamlinehq.com
Prioritized pentest findings so you know what to fix first
Fantasy Medieval Roleplay Game Ability Trap Streamline Icon: https://streamlinehq.com
Proof that risks have been remediated with one-click verification
Technology Network Privacy Access Lock 2 Streamline Icon: https://streamlinehq.com
Demonstrates your ability to reduce vulnerabilities and ensure continuity
Workflow Merge 2 Streamline Icon: https://streamlinehq.com
Aligns with CMMC, SOC2, and other key cybersecurity standards
Navigation Up 1 Streamline Icon: https://streamlinehq.com
NodeZero simplifies the process of pinpointing and addressing vulnerabilities that expose suppliers to cyber threats. Its ease of use, accurate vulnerability prioritization, and clear remediation guidance significantly enhance security for DIB suppliers enrolled in this no-cost program.

Check Shield Streamline Icon: https://streamlinehq.com

Positive outcomes with real risk reduction

  • One DIB firm completed 70+ bi-weekly pentests with NodeZero in the last four months with limited effort other than to set up and launch the tests.
  • Another DIB firm conducted its first pentests two days after onboarding and NodeZero proved it could exploit a known vulnerable software product in use.
  • Another DIB firm discovered that NodeZero was able to gain access to testing data, manuals, and other sensitive information stored in the supplier’s network.
Create Chart Streamline Icon: https://streamlinehq.com

Latest NodeZero + DIB Supplier Statistics

Number of Participants: 531
Number of Pentests: 6,849
Number of Endpoints: 802,206
Number of Critical and High Weaknesses Mitigated: 10,646
Percentage of Critical Weaknesses Mitigated: 32%
Percentage of High Weakness Mitigated: 48%
Duration of Operations: 70,892 hours

Number of Exploitable Weaknesses and Vulnerabilities Detected:

0+

What do DIB suppliers have to say about the program?

Open Quote Streamline Icon: https://streamlinehq.com

A huge thank you to the team! NodeZero is a total game-changer for us. With a small team, every second counts and this tool is saving us serious time. It’s a no-brainer to have NodeZero in our toolbelt. We’re beyond grateful for the opportunity!"

– Alexandru Stratila, Information Technology Manager at KVG
Open Quote Streamline Icon: https://streamlinehq.com

Horizon3.ai’s NodeZero has been a game-changer for our cybersecurity. Its autonomous pentesting provides deep insights into vulnerabilities, while clear, actionable reports help us prioritize and resolve critical risks efficiently. It has strengthened our defenses, saved valuable time, and enhanced our security posture. We highly recommend it for any organization looking to stay ahead of threats."

– Cybersecurity Analyst, Manufacturer of Machined Components for the Defense Industry
Open Quote Streamline Icon: https://streamlinehq.com

We pride ourselves on maintaining a strong security posture, which is why we partner with NodeZero for pentesting. Within hours of running NodeZero internal pentesting, our MSP was able to quickly review the findings and remediate the weaknesses. As a member of the DIB, it's my personal responsibility to help protect our nation's secrets. With Horizon3.ai and NodeZero verifying our system security at a regular cadence, I'm confident we're well-positioned to handle the critical data ultimately supporting our troops."

– Rick MacKirdy, CEO Modus Advanced, Inc.

Trusted By

The NSA does not endorse any commercial product or service provided by Horizon3.ai. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by NSA.