Fortifying the Defense Industrial Base (DIB): NodeZero for Supply Chain Security

NSA Cybersecurity Collaboration Center and Horizon3.ai are working together to elevate the security posture of the Defense Industrial Base (DIB) suppliers.

Learn More at NSA.gov

What is the CAPT program?

The NSA’s Continuous Autonomous Penetration Testing (CAPT) program, powered by Horizon3.ai’s NodeZero™, identifies exploitable vulnerabilities across DIB suppliers’ IT infrastructures. With ongoing, intelligence-driven cyber risk assessments, NodeZero reinforces critical infrastructures, bolstering national supply chain security.

How does the program work?

Horizon3.ai manages enrollment, onboarding, and activation onto the NodeZero platform, enabling DIB suppliers to quickly launch self-service pentests. These tests help meet compliance, strengthen security, and eliminate costly consulting engagements. This benefits the taxpayer, DoD, and DIB suppliers alike.
Dowload the Whitepaper
Open Quote Streamline Icon: https://streamlinehq.com

Before the NSA launched CAPT, the DIB was dangerously exposed, with many critical vulnerabilities unchecked. Now, program participants have closed 71% of critical findings within 30 days, moving from 1-2 pentests a year to several each month. This isn’t just compliance; it’s ownership of national security. The DIB is now proactively defending the nation’s safety.

– Snehal Antani, CEO and Co-Founder Horizon3.ai

How does this benefit my business?

Cog Search Streamline Icon: https://streamlinehq.com
Free, world-class pentesting to help you uncover your most vulnerable areas
Customer Relationship Management Performance Metrics Streamline Icon: https://streamlinehq.com
User-friendly interface with simplified remediation guidance and reporting
Automatic Mode 2 Streamline Icon: https://streamlinehq.com
Continuous and safe risk assessments that complete in hours, not days
List Numbers Streamline Icon: https://streamlinehq.com
Prioritized pentest findings so you know what to fix first
Fantasy Medieval Roleplay Game Ability Trap Streamline Icon: https://streamlinehq.com
Proof that risks have been remediated with one-click verification
Technology Network Privacy Access Lock 2 Streamline Icon: https://streamlinehq.com
Demonstrates your ability to reduce vulnerabilities and ensure continuity
Workflow Merge 2 Streamline Icon: https://streamlinehq.com
Aligns with CMMC, SOC2, and other key cybersecurity standards
Navigation Up 1 Streamline Icon: https://streamlinehq.com
NodeZero simplifies the process of pinpointing and addressing vulnerabilities that expose suppliers to cyber threats. Its ease of use, accurate vulnerability prioritization, and clear remediation guidance significantly enhance security for DIB suppliers enrolled in this no-cost program.

Check Shield Streamline Icon: https://streamlinehq.com

Positive outcomes with real risk reduction

  • One DIB firm completed 70+ bi-weekly pentests with NodeZero in the last four months with limited effort other than to set up and launch the tests.
  • Another DIB firm conducted its first pentests two days after onboarding and NodeZero proved it could exploit a known vulnerable software product in use.
  • Another DIB firm discovered that NodeZero was able to gain access to testing data, manuals, and other sensitive information stored in the supplier’s network.
Create Chart Streamline Icon: https://streamlinehq.com

Latest NodeZero + DIB Supplier Statistics

Number of Participants: 374
Number of Pentests: 4,051
Number of Endpoints: 432,881
Number of Critical Issues Mitigated: 6,041
Percentage of Critical Issues Mitigated: 52%
Percentage of High Weakness Mitigated: 52%
Duration of Operations: 41,612 hours

What do DIB suppliers have to say about the program?

Open Quote Streamline Icon: https://streamlinehq.com

“Node Zero provides our small team with an advantage by showcasing what an attacker can do within our network. The team responsible for Node Zero is actively engaged in safeguarding your network against both internal and external threats. This enables our team to have peace of mind, knowing that our efforts to fix vulnerabilities are focused on addressing actively exploited issues. Every DIB supplier should consider augmenting this tool to their cyber team.”

– Information System Security Officer – Maritime Electronic Systems
Open Quote Streamline Icon: https://streamlinehq.com

“We have been using Horizon3.ai’s NodeZero platform for over a year, and it has been an invaluable tool for our cybersecurity efforts. The autonomous penetration testing is incredibly thorough, providing us with detailed insights into our vulnerabilities from both internal and external perspectives. The auto-reports are particularly impressive, clearly identifying the issues and offering comprehensive steps to resolve them. This has not only helped us strengthen our defenses but also saved us time and resources by prioritizing the most critical risks. Horizon3.ai has truly enhanced our security posture, and we highly recommend their service to any organization looking to proactively manage their cybersecurity."

– Cybersecurity Analyst – Manufacturer of Machined Components for the Defense Industry
The NSA does not endorse any commercial product or service provided by Horizon3.ai. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by NSA.