Resource Center

Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

LATEST VULNERABILITIES

Bomb Streamline Icon: https://streamlinehq.com

CVE-2025-1974

Kubernetes Ingress NGINX Remote Code Execution Vulnerability
Read More →
Bomb Streamline Icon: https://streamlinehq.com

CVE-2025-24813

Apache Tomcat Path Equivalence Vulnerability
Read More →

WEBINAR REPLAY

SEARCH

CATEGORIES

TAGS

    Video

    Maximizing Offensive Security: Addressing Shortcoming and Improving Effectiveness

    Explore offensive security gaps and solutions with Horizon3.ai’s Phillip Wylie. Learn strategies to enhance vulnerability assessments and security impact.
    Watch Now →
    Factsheets

    Kubernetes Pentesting

    November 4, 2024
    NodeZero Kubernetes Pentesting autonomously secures clusters by exploiting runtime vulnerabilities, not just control plane issues. Works with all Kubernetes distributions, prioritizing critical risks for seamless, continuous protection across multi-cloud setups.
    Read More →
    Video

    Revolutionize Your Security with Autonomous Pentesting—Join Horizon3.ai & Foresite Cybersecurity

    Listen to Horizon3.ai's Phil Wylie and Foresite experts to explore the financial and security benefits of autonomous pentesting and continuous validation.
    Watch Now →
    Video

    Fireside Chat: Horizon3.ai and Legion Cyberworks

    Horizon3.ai's Stephen Gates & Legion Cyberworks CEO Clayton Dillard discuss Legion's shift to managed services & blending #NodeZero for security.
    Watch Now →
    Attack Blogs, Disclosures

    Palo Alto Expedition: From N-Day to Full Compromise

    On July 10, 2024, Palo Alto released a security advisory for CVE-2024-5910, a vulnerability which allowed attackers to remotely reset the Expedition application admin credentials. While we had never heard of Expedition application before, it's advertised as: The purpose of this tool is to help reduce the time and efforts of migrating a configuration from…
    Read More →
    Infographics

    8 Steps for Enhancing Cybersecurity Post-Breach

    October 1, 2024
    A 8-step guide to strengthening cybersecurity post-breach with autonomous pentesting and continuous risk assessment using NodeZero.
    Read More →
    Whitepapers

    Enhancing Cybersecurity Post-Breach: A Comprehensive Guide

    September 27, 2024
    Enhance cybersecurity post-breach with 7 strategies using NodeZero™ for continuous testing, threat detection, and improved defenses for lasting protection.
    Read More →
    Video

    Detection Done Differently: Best practices for automating & improving threat detection in your org

    As cyber attacks become increasingly complex, sophisticated, and more frequent, security teams need to be able to identify attacks faster and with higher accuracy. But users report that current detection workflows have high set-up and maintenance needs and introduce lots of noise and time-consuming false-positives. In this session, we highlight new approaches to overcome those…
    Watch Now →
    Attack Blogs, Disclosures

    CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerability Deep-Dive

    On August 13, 2024, SolarWinds released a security advisory for Web Help Desk (WHD) that detailed a deserialization remote code execution vulnerability. This vulnerability, CVE-2024-28986, was added to CISA's Known Exploited Vulnerability (KEV) catalog two days later on August 15, 2024. The advisory states: SolarWinds Web Help Desk was found to be susceptible to a…
    Read More →
    Customer Stories

    Century-Long Innovation: A Legacy of Outpacing Cyber Threats

    September 19, 2024
    Discover how Komori, a century-old printing giant, is leading the charge in cybersecurity innovation by adapting to internet-connected risks and utilizing advanced solutions like NodeZero to safeguard their legacy.
    Read More →
    Century-Long Innovation