Resource Center

Listen to Horizon3.ai's Phil Wylie and Foresite experts to explore the financial and security benefits of autonomous pentesting and continuous validation.

Horizon3.ai's Stephen Gates & Legion Cyberworks CEO Clayton Dillard discuss Legion's shift to managed services & blending #NodeZero for security.

On July 10, 2024, Palo Alto released a security advisory for CVE-2024-5910, a vulnerability which allowed attackers to remotely reset the Expedition application admin credentials. While we had never heard of Expedition application before, it's advertised as: The purpose of this tool is to help reduce the time and efforts of migrating a configuration from…

A 8-step guide to strengthening cybersecurity post-breach with autonomous pentesting and continuous risk assessment using NodeZero.

Enhance cybersecurity post-breach with 7 strategies using NodeZero™ for continuous testing, threat detection, and improved defenses for lasting protection.

As cyber attacks become increasingly complex, sophisticated, and more frequent, security teams need to be able to identify attacks faster and with higher accuracy. But users report that current detection workflows have high set-up and maintenance needs and introduce lots of noise and time-consuming false-positives. In this session, we highlight new approaches to overcome those…

On August 13, 2024, SolarWinds released a security advisory for Web Help Desk (WHD) that detailed a deserialization remote code execution vulnerability. This vulnerability, CVE-2024-28986, was added to CISA's Known Exploited Vulnerability (KEV) catalog two days later on August 15, 2024. The advisory states: SolarWinds Web Help Desk was found to be susceptible to a…

Discover how Komori, a century-old printing giant, is leading the charge in cybersecurity innovation by adapting to internet-connected risks and utilizing advanced solutions like NodeZero to safeguard their legacy.

On September 10, 2024, Ivanti released a security advisory for a command injection vulnerability for it's Cloud Service Appliance (CSA) product. Initially, this CVE-2024-8190 seemed uninteresting to us given that Ivanti stated that it was an authenticated vulnerability. Shortly after on September 13, 2024, the vulnerability was added to CISA's Known Exploited Vulnerabilities (KEV). Given…

Update: 2024-09-16 We initially wrote this post in reference to CVE-2024-29847, however this post actually describes CVE-2023-28324. We had incorrectly assumed that the SU5 update was comprehensive which resulted in us mistaking CVE-2023-28324 for CVE-2024-29847. The content of this blog has been updated accordingly. Introduction Ivanti Endpoint Manager (EPM) is an enterprise endpoint management solution…