Pentesters

SEARCH

CATEGORIES

TAGS

    Blogs

    Threat Actor Intelligence: Known Threats, Known Weaknesses, Known Outcomes

    September 12, 2025
    Awareness doesn’t equal defense. Threat Actor Intelligence helps you go beyond the headline: “Are these attackers using techniques that would actually work in our environment?”
    Read More →
    Whitepapers

    NodeZero® for Pentesters and Red Teams

    August 20, 2025
    Pentesters and red teams share a common goal: improving an organization’s security posture. But their objectives, scope, and methods differ. NodeZero® helps both teams succeed by showing what’s truly exploitable, so you can cut through the noise and continuously validate your security posture.
    Read More →
    Blogs

    Vulnerability Management Is Broken: There is a Better Way

    July 28, 2025
    Scanning and patching aren't enough. Learn the critical difference between being vulnerable and being exploitable—and why it's the key to preventing real-world breaches.
    Read More →
    Large crack across concrete with small ineffective bandaid placed on it
    Blogs

    Vulnerable vs. Exploitable: Why Understanding the Difference Matters to Your Security Posture

    June 25, 2025
    Scanning and patching aren't enough. Learn the critical difference between being vulnerable and being exploitable—and why it's the key to preventing real-world breaches.
    Read More →
    Blogs

    Horizon3.ai Raises $100M to Cement Leadership in Autonomous Security

    June 12, 2025
    Rewriting Cybersecurity Rules. Led by veterans and ethical hackers, Horizon3.ai's NodeZero platform is transforming how organizations defend against threats.
    Read More →
    Blogs

    Using NodeZero® to Uncover the Paths Attackers Take, Before They Do

    May 2, 2025
    Discover how NodeZero emulates real attackers to uncover critical attack paths, escalate access, and deliver proof—fast and autonomously.
    Read More →
    Blogs

    What Is Pentesting? The Ultimate Guide to Penetration Testing

    April 30, 2025
    Learn how pentesting goes beyond scans to validate real risk, meet compliance, and stay ahead of threats with Horizon3.ai’s ultimate guide.
    Read More →
    Attack Blogs, Disclosures

    Ivanti Endpoint Manager – Multiple Credential Coercion Vulnerabilities

    February 19, 2025
    Critical Ivanti Endpoint Manager vulnerabilities revealed—learn about CVE exploits and mitigation.
    Read More →
    Attack Blogs

    VMware vRealize Log Insight VMSA-2023-0001 Technical Deep Dive

    January 31, 2023
    Introduction The recent VMware VMSA describes four new CVEs affecting VMware vRealize Log Insight, reported by ZDI. Three of these CVEs can be combined to give an attacker remote code execution as root. This vulnerability is exploitable in the default configuration for VMware vRealize Log Insight. We have successfully reproduced this exploit and would like…
    Read More →
    Attack Blogs

    Metrics That Matter: An Attacker’s Perspective on Assessing Password Policy

    December 1, 2022
    After compromising a Windows domain controller, one of the actions that NodeZero, our autonomous pentest product, performs is dumping all domain user password hashes from the Active Directory database. This is a common attacker technique, and the resulting dump is highly valuable to attackers. But did you know that this data is a great source…
    Read More →
    keys neatly aligned in rows