Tag: Security Practitioner | Page 2

NodeZero helps JTI Cybersecurity scale by automating penetration testing, finding vulnerabilities, and enhancing client security efficiently and effectively.

In an increasingly interconnected world, where digital technologies infiltrate every aspect of society, vulnerabilities in these systems can be exploited by malicious actors to disrupt emergency services, compromise sensitive information, or even endanger lives.

Horizon3.ai’s Stephen Gates & Legion Cyberworks CEO Clayton Dillard discuss Legion’s shift to managed services & blending #NodeZero for security.

A 8-step guide to strengthening cybersecurity post-breach with autonomous pentesting and continuous risk assessment using NodeZero.

As cyber attacks become increasingly complex, sophisticated, and more frequent, security teams need to be able to identify attacks faster and with higher accuracy. But users report that current detection workflows have high set-up and maintenance needs and introduce lots of noise and time-consuming false-positives. In this session, we highlight new approaches to overcome those drawbacks:

– Why rapid threat detection is increasingly critical for every security team in today’s threat landscape.
– A new approach to threat detection that doesn’t increase your team’s workload.
– A preview of how NodeZero Tripwires helps you detect threats faster and accurately.

NodeZero APT: Azure Password Spray to Business Email Compromise

On September 10, 2024, Ivanti released a security advisory for a command injection vulnerability for it's Cloud Service Appliance (CSA) product. Initially, this CVE-2024-8190 seemed uninteresting to us given that Ivanti stated that it was an authenticated...

Update: 2024-09-16 We initially wrote this post in reference to CVE-2024-29847, however this post actually describes CVE-2023-28324. We had incorrectly assumed that the SU5 update was comprehensive which resulted in us mistaking CVE-2023-28324 for CVE-2024-29847. The...

On August 13, 2024, SolarWinds released a security advisory for Web Help Desk (WHD) that detailed a deserialization remote code execution vulnerability. This vulnerability, CVE-2024-28986, was added to CISA's Known Exploited Vulnerability (KEV) catalog two days later...

Business Wire 09/19/2024 Horizon3.ai, a global leader in autonomous security, announces that Nicholas Warner has joined its board as an Independent Director. Warner brings over two decades of cybersecurity experience, marked by a proven track record in scaling...

Business Wire 09/10/2024 Horizon3.ai, a global leader in autonomous security solutions, today unveiled NodeZero Tripwires™, an addition to its product suite that integrates attack detection directly into the penetration testing process. This first-of-its-kind solution...

Business Wire 08/13/2024 Horizon3.ai, a global leader in autonomous security solutions for both public and private sectors, today announced their partnership with FedHIVE, a leading cloud service offering for federal agencies, government contractors, and commercial...

NodeZero helps JTI Cybersecurity scale by automating penetration testing, finding vulnerabilities, and enhancing client security efficiently and effectively.

Horizon3.ai’s Stephen Gates & Legion Cyberworks CEO Clayton Dillard discuss Legion’s shift to managed services & blending #NodeZero for security.

A 8-step guide to strengthening cybersecurity post-breach with autonomous pentesting and continuous risk assessment using NodeZero.

NodeZero APT: Azure Password Spray to Business Email Compromise

In the ever-evolving landscape of cybersecurity, the speed of your response to emerging cyber threats can be the difference between a minor security incident and a catastrophic breach. Horizon3.ai provides you with a strategic advantage by enabling preemptive action in the steadily shrinking window of time between the public disclosure of a vulnerability and its exploitation in the wild.

The emergence of new attack vectors, the steady growth of attack surfaces, and the increasing speed at which vulnerabilities are exploited underscore the critical need for proactive defense strategies.

Understanding the Landscape of Cyber Threats and the Innovations in Third-Party Risk Management

Demand for #pentesting expertise is at an all-time high, and many orgs are struggling to meet their annual requirements for the PCI DSS v4.0. This webinar explains how our services fulfill your pentesting requirements and help you streamline your remediation efforts.

Introduction In a recent PSIRT, Fortinet acknowledged CVE-2023-48788 – a SQL injection in FortiClient EMS that can lead to remote code execution. FortiClient EMS is an endpoint management solution for enterprises that provides a central location for administering enrolled endpoints. This SQL injection vulnerability is caused by user controlled strings that are passed directly into database queries. In this post...

Early in 2023, soon after reproducing a remote code execution vulnerability for the Fortinet FortiNAC, I was on the hunt for a set of new research targets. Fortinet seemed like a decent place to start given the variety of lesser-known security appliances I had noticed while searching for the FortiNAC firmware. The first target I landed on was the Fortinet...

Security Strategies

Industry Insights

Attack Research

Attack Content

Security Strategies

Industry Insights

Attack Research

Attack Content

Security Practitioner

Filters

How can NodeZero help you?