Pentesters

SEARCH

CATEGORIES

TAGS

    Blogs

    Why Open-Source AI Pentesting Could Be Your Next Security Incident

    October 23, 2025
    Open-source “AI hacker” tools automate red-team workflows but can silently exfiltrate pentest output to third-party LLM APIs—exposing IP, credentials, and regulated data. This post explains the real risk (data egress, not training), why traditional DLP/SIEM often misses it, and how enterprise-safe approaches—like isolated, auditable platforms—prevent unauthorized leakage.
    Read More →
    Blogs

    Threat Actor Intelligence: Known Threats, Known Weaknesses, Known Outcomes

    September 12, 2025
    Awareness doesn’t equal defense. Threat Actor Intelligence helps you go beyond the headline: “Are these attackers using techniques that would actually work in our environment?”
    Read More →
    Whitepapers

    NodeZero® for Pentesters and Red Teams

    August 20, 2025
    Pentesters and red teams share a common goal: improving an organization’s security posture. But their objectives, scope, and methods differ. NodeZero® helps both teams succeed by showing what’s truly exploitable, so you can cut through the noise and continuously validate your security posture.
    Read More →
    Blogs

    Vulnerability Management Is Broken: There is a Better Way

    July 28, 2025
    Scanning and patching aren't enough. Learn the critical difference between being vulnerable and being exploitable—and why it's the key to preventing real-world breaches.
    Read More →
    Large crack across concrete with small ineffective bandaid placed on it
    Blogs

    Vulnerable vs. Exploitable: Why Understanding the Difference Matters to Your Security Posture

    June 25, 2025
    Scanning and patching aren't enough. Learn the critical difference between being vulnerable and being exploitable—and why it's the key to preventing real-world breaches.
    Read More →
    Blogs

    Horizon3.ai Raises $100M to Cement Leadership in Autonomous Security

    June 12, 2025
    Rewriting Cybersecurity Rules. Led by veterans and ethical hackers, Horizon3.ai's NodeZero platform is transforming how organizations defend against threats.
    Read More →
    Blogs

    Using NodeZero® to Uncover the Paths Attackers Take, Before They Do

    May 2, 2025
    Discover how NodeZero emulates real attackers to uncover critical attack paths, escalate access, and deliver proof—fast and autonomously.
    Read More →
    Blogs

    What Is Pentesting? The Ultimate Guide to Penetration Testing

    April 30, 2025
    Learn how pentesting goes beyond scans to validate real risk, meet compliance, and stay ahead of threats with Horizon3.ai’s ultimate guide.
    Read More →
    Attack Blogs, Disclosures

    Ivanti Endpoint Manager – Multiple Credential Coercion Vulnerabilities

    February 19, 2025
    Critical Ivanti Endpoint Manager vulnerabilities revealed—learn about CVE exploits and mitigation.
    Read More →
    Attack Blogs

    VMware vRealize Log Insight VMSA-2023-0001 Technical Deep Dive

    January 31, 2023
    Introduction The recent VMware VMSA describes four new CVEs affecting VMware vRealize Log Insight, reported by ZDI. Three of these CVEs can be combined to give an attacker remote code execution as root. This vulnerability is exploitable in the default configuration for VMware vRealize Log Insight. We have successfully reproduced this exploit and would like…
    Read More →