Resource Center

Art Ocain, Field CISO at Airiam, and Naveen Sunkavally, Chief Architect at Horizon3.ai join forces in this webinar, where you will gain an in-depth understanding of threat actors and their tactics through a LIVE attack simulation.

In Horizon3.ai’s three years of operation, we have conducted more than 15,000 pentests yielding results for our clients and data for our engineers. Join our CEO, Snehal Antani, for stories from the trenches.

This month we’ll take a look at the Log4shell example, and learn about how the distinction between being vulnerable and being exploitable is so important.

During this session we’ll also look at how AI powered Autonomous Pentesting finally gives organizations the ability to pentest themselves at scale to quickly identify their exploitable attack surface.

Over the last week, the widely reported critical security flaw in the Progress MOVEit Transfer application (CVE-2023-34362) reminded us yet again to remain vigilant in securing our IT infrastructure from potential cyber threat actors.

The Jerry machine from the Hack The Box platform nicely illustrates the danger of weak and default credentials.

Introduction Back in Aug. 2023 we released an advisory for CVE-2023-39143, a critical vulnerability that affects Windows installs of the PaperCut NG/MF print management software. Attackers can exploit this vulnerability to download and delete arbitrary files, and in...

Since introducing NTLM coercion techniques such as PetitPotam into the NodeZero platform, we frequently have security practitioners request help understanding these techniques and what impact they have to their enterprise. There is a lack of concise resources to...

Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If you’re a user of Mirth Connect, you’ll want to upgrade to the latest patch release, 4.4.1, as of this writing.

Business Wire: 06/06/22 Horizon3.ai is proud to announce its NodeZero Autonomous Penetration Testing has won the Best Penetration Test Solution Award from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine. Read entire...

Business Wire: 06/01/22 Horizon3.ai, a cybersecurity firm focused on autonomous penetration testing, today announced it has extended the capabilities of its NodeZero platform to include external penetration testing. With this enhancement, Horizon3.ai is the first...

Business Wire: 05/23/22 Horizon3.ai, a cybersecurity firm focused on autonomous penetration testing, today announced the appointment of Chris Hill as the Sector Head for Public Sector, Federal. Hill will execute Horizon3.ai’s vision for creating a better, more secure...

This month we’ll take a look at the Log4shell example, and learn about how the distinction between being vulnerable and being exploitable is so important.

The Jerry machine from the Hack The Box platform nicely illustrates the danger of weak and default credentials.

Horizon3.ai Principal Security SME Stephen Gates and JTI Cybersecurity Principal Consultant Jon Isaacson discuss: - What JTI does to validate things like access control, data loss prevention, ransomware protection, and intrusion detection approaches. - How #pentesting and red team exercises allow orgs to validate the effectiveness of their security controls. - Why offensive operations work best to discover and mitigate...

The NodeZero platform enables you to proactively and efficiently probe your customers’ networks for weaknesses that go beyond known and patchable vulnerabilities, such as credentials open to compromise, exposed data, misconfigurations, poor security controls, and weak policies.

State, local and education (SLED) organizations have unique pain points. Because they rely on taxpayer dollars, SLED organizations are often trying to do more with less.

Demand for #pentesting expertise is at an all-time high, and many orgs are struggling to meet their annual requirements for the PCI DSS v4.0. This webinar explains how our services fulfill your pentesting requirements and help you streamline your remediation efforts.

See your enterprise through the eyes of an attacker - More than a concept — a Proof of Value

Horizon3.ai delivers sophisticated and timely penetration testing services tailored to fulfill the internal and external pentesting requirements of your cardholder data environment outlined by the Payment Card Industry Data Security Standard (PCI DSS) v4.0. Our offerings are executed with comprehensive coverage and meticulous attention to detail to fully address these stringent pentesting requirements.

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content