Fortifying the Defense Industrial Base (DIB): NodeZero® for Supply Chain Security

NSA Cybersecurity Collaboration Center and Horizon3.ai are working together to elevate the security posture of the Defense Industrial Base (DIB) suppliers.

Learn More at NSA.gov

What is the CAPT program?

The NSA’s Continuous Autonomous Penetration Testing (CAPT) program, powered by Horizon3.ai’s NodeZero®, identifies exploitable vulnerabilities across DIB suppliers’ IT infrastructures. With ongoing, intelligence-driven cyber risk assessments, NodeZero reinforces critical infrastructures, bolstering national supply chain security.

How does the program work?

Horizon3.ai manages enrollment, onboarding, and activation onto the NodeZero platform, enabling DIB suppliers to quickly launch self-service pentests. These tests help meet compliance, strengthen security, and eliminate costly consulting engagements. This benefits the taxpayer, DoD, and DIB suppliers alike.
Dowload the Whitepaper
Open Quote Streamline Icon: https://streamlinehq.com

Before the NSA launched CAPT, the DIB was dangerously exposed, with many critical vulnerabilities unchecked. Now, program participants have closed 71% of critical findings within 30 days, moving from 1-2 pentests a year to several each month. This isn’t just compliance; it’s ownership of national security. The DIB is now proactively defending the nation’s safety.

– Snehal Antani, CEO and Co-Founder Horizon3.ai

How does this benefit my business?

Cog Search Streamline Icon: https://streamlinehq.com
Free, world-class pentesting to help you uncover your most vulnerable areas
Customer Relationship Management Performance Metrics Streamline Icon: https://streamlinehq.com
User-friendly interface with simplified remediation guidance and reporting
Automatic Mode 2 Streamline Icon: https://streamlinehq.com
Continuous and safe risk assessments that complete in hours, not days
List Numbers Streamline Icon: https://streamlinehq.com
Prioritized pentest findings so you know what to fix first
Fantasy Medieval Roleplay Game Ability Trap Streamline Icon: https://streamlinehq.com
Proof that risks have been remediated with one-click verification
Technology Network Privacy Access Lock 2 Streamline Icon: https://streamlinehq.com
Demonstrates your ability to reduce vulnerabilities and ensure continuity
Workflow Merge 2 Streamline Icon: https://streamlinehq.com
Aligns with CMMC, SOC2, and other key cybersecurity standards
Navigation Up 1 Streamline Icon: https://streamlinehq.com
NodeZero simplifies the process of pinpointing and addressing vulnerabilities that expose suppliers to cyber threats. Its ease of use, accurate vulnerability prioritization, and clear remediation guidance significantly enhance security for DIB suppliers enrolled in this no-cost program.

Check Shield Streamline Icon: https://streamlinehq.com

Positive outcomes with real risk reduction

  • One DIB firm completed 70+ bi-weekly pentests with NodeZero in the last four months with limited effort other than to set up and launch the tests.
  • Another DIB firm conducted its first pentests two days after onboarding and NodeZero proved it could exploit a known vulnerable software product in use.
  • Another DIB firm discovered that NodeZero was able to gain access to testing data, manuals, and other sensitive information stored in the supplier’s network.
Create Chart Streamline Icon: https://streamlinehq.com

Latest NodeZero + DIB Supplier Statistics

Number of Participants: 401
Number of Pentests: 4,618
Number of Endpoints: 497,544
Number of Critical and High Weaknesses Mitigated: 6,854
Percentage of Critical Weaknesses Mitigated: 29%
Percentage of High Weakness Mitigated: 53%
Duration of Operations: 47,471 hours

What do DIB suppliers have to say about the program?

Open Quote Streamline Icon: https://streamlinehq.com

Node Zero provides our small team with an advantage by showcasing what an attacker can do within our network. The team responsible for Node Zero is actively engaged in safeguarding your network against both internal and external threats. This enables our team to have peace of mind, knowing that our efforts to fix vulnerabilities are focused on addressing actively exploited issues. Every DIB supplier should consider augmenting this tool to their cyber team.”

– Information System Security Officer – Maritime Electronic Systems
Open Quote Streamline Icon: https://streamlinehq.com

Horizon3.ai’s NodeZero has been a game-changer for our cybersecurity. Its autonomous pentesting provides deep insights into vulnerabilities, while clear, actionable reports help us prioritize and resolve critical risks efficiently. It has strengthened our defenses, saved valuable time, and enhanced our security posture. We highly recommend it for any organization looking to stay ahead of threats."

– Cybersecurity Analyst – Manufacturer of Machined Components for the Defense Industry
Open Quote Streamline Icon: https://streamlinehq.com

We pride ourselves on maintaining a strong security posture, which is why we partner with NodeZero for pentesting. Within hours of running NodeZero internal pentesting, our MSP was able to quickly review the findings and remediate the weaknesses. As a member of the DIB, it's my personal responsibility to help protect our nation's secrets. With Horizon3.ai and NodeZero verifying our system security at a regular cadence, I'm confident we're well-positioned to handle the critical data ultimately supporting our troops."

– Rick MacKirdy, CEO Modus Advanced, Inc.

Trusted By

The NSA does not endorse any commercial product or service provided by Horizon3.ai. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by NSA.