Security Practitioner

Master cloud security with NodeZero™ Cloud Pentesting. Easily uncover vulnerabilities across AWS and Azure, prioritize identity risks, and secure your environment in just minutes. Stay ahead of threats.

How Horizon3.ai's Rapid Response Identified and Mitigated a Critical Mirth Connect Vulnerability A key consideration in cybersecurity is determining whether a known software vulnerability is actually exploitable. This often depends on how and where the at-risk software is deployed in your environment. To address the need to find what’s exploitable, Horizon3.ai developed and recently unveiled…

Traditional vulnerability scanning tools are enhanced with NodeZero's autonomous penetration testing, revolutionizing Vulnerability Management by providing comprehensive risk assessment, exploitability analysis, and cross-host vulnerability chaining, empowering organizations to prioritize and mitigate security weaknesses strategically.

This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces platform after a recently reported potential breach.

DoD supply chain cyber threats are surging. Learn how CAPT helps suppliers find, fix & verify gaps with scalable, autonomous security testing.

In the ever-evolving landscape of cybersecurity, the speed of your response to emerging cyber threats can be the difference between a minor security incident and a catastrophic breach. Horizon3.ai provides you with a strategic advantage by enabling preemptive action in the steadily shrinking window of time between the public disclosure of a vulnerability and its…

The emergence of new attack vectors, the steady growth of attack surfaces, and the increasing speed at which vulnerabilities are exploited underscore the critical need for proactive defense strategies.

Understanding the Landscape of Cyber Threats and the Innovations in Third-Party Risk Management

Demand for #pentesting expertise is at an all-time high, and many orgs are struggling to meet their annual requirements for the PCI DSS v4.0. This webinar explains how our services fulfill your pentesting requirements and help you streamline your remediation efforts.

Introduction In a recent PSIRT, Fortinet acknowledged CVE-2023-48788 - a SQL injection in FortiClient EMS that can lead to remote code execution. FortiClient EMS is an endpoint management solution for enterprises that provides a central location for administering enrolled endpoints. This SQL injection vulnerability is caused by user controlled strings that are passed directly into…