Resource Center

In the world of network security, compliance is the bare minimum. Compliance is locking your door, but what about your windows?

I'm sharing this because I believe it is relevant to ongoing decisions in this community. I'm in a senior leader cyber group and got the chance to follow the headliner yesterday on Vulnerability Assessment tools. I lit them up, and had a CEO reach out to me afterwords...

Purple teaming is the result of collaboration, communication and sharing of information between a red team and a blue team in an effort to improve the overall security posture of an organization. How organizations comprise these components may vary, but for context, a...

We wanted to do something a little bit different with this post. Our vulnerability disclosures, exploit proof-of-concepts, and attack analysis blog posts have been awesome, but they have been catering to an offensive security audience.

Overview A common attack path that Horizon3 has identified across many of its customers is abusing access to the VMware vCenter Identity Provider (IdP) certificate. Security Assertion Markup Language (SAML) has proved to be a hotbed of vulnerabilities within the last...

In the world of network security, compliance is the bare minimum. Compliance is locking your door, but what about your windows?

As we approach the holiday season, it is important that our customers remain stay and continue a regular cadence of autonomous pentests. Although it’s the time of year for holiday cheer, we’ve seen cyber threat actors (CTAs) take advantage of lackadaisical company manning and low staff.

Security Boulevard: 11/23/22 As we approach the holiday season, it is important that our customers stay vigilant and continue a regular cadence of autonomous pentests. – Cyber Threat Analyst, Al Martinek Read the entire article here

SiliconANGLE: 11/21/22 Chad Glinsky, backend engineer at security posture company Horizon3.ai, commented that all users should understand that API keys are effectively a username and password. Read the entire article here

ClearanceJobs: 11/18/22 “With the rise in successful cyber attacks against the United States government and its federal agencies, many are right to wonder whether the public sector’s approach to cybersecurity is in need of a serious change.” Read the entire article here

When the director of technology for a higher education organization went looking for a better way to identify and prioritize security weaknesses on the school’s servers and networks, his first interaction with Horizon3.ai and NodeZero started off with an impressive bang. “I wanted to see proof of concept, and Horizon3.ai solved one of our biggest security holes because of that...

SC Media: 11/14/22 Brad Hong, customer success manager at Horizon3ai, said he and his team constantly see huge blast radii in attacks and penetration tests originate from the smallest misconfiguration, or even lack of configuration, allowing attacker’s to simply log-in to public facing environments. Read the entire article here

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

No Results Found

No Results Found

No Results Found

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

No Results Found

No Results Found

No Results Found

Resource Center

Filters