I was thrilled to catch up with Horizon3.ai during Black Hat USA 2024. Most attackers don’t break in, they log in. CrowdStrike’s 2023 Global Threat Report findings confirm that 71% of all 2023 threat detections involved malware-free “living off the land” (LOTL) activity and attacks. Valid (often stolen) credentials give a threat actor network access to then exploit misconfigurations, unpatched vulnerabilities and poor security controls. “These attacks are especially sinister because they do not require traditional code, scripts, or malware files,” the report notes (see: https://www.horizon3.ai/#attack-paths).
CEO and Co-Founder Snehal Antani: “Gone are the days when organizations can just run vuln scans, an annual pentest, and tabletop exercises. They need to operate with a ‘Don’t tell me we’re secure, show me, then show me again tomorrow’ mindset. As a CIO or CISO, understanding how your exploitable attack surfaces change over time is critical to conveying your security posture to the board. How many exploitable issues did you fix, how quickly did you fix them, how often did they reoccur and why, and how effective were you at detection & response? These are key elements of the narrative you need to tell, and – with insight from NodeZero – you can.”
LOTL attacks will get more sinister, more effective, and far more frequent as criminals leverage autonomous attack techniques that humans – who triage by sifting through logs, cognitively processing alerts, and getting permission to apply fix-actions – can’t keep up with.
Another significant difficulty in vulnerability management is securing assets in situations where immediate patching or fixing vulnerabilities isn’t feasible. Research shows that the average Mean Time to Remediate (MTTR) for critical vulnerabilities is around 58 days, which leaves organizations exposed for long durations. Organizations need ways to prioritize what is truly exploitable in their environments so they can remediate those issues first.
Horizon3.ai’s NodeZero™ autonomous security platform empowers organizations to continuously find, prioritize, fix, and verify remediation of their exploitable attack surfaces and vulnerabilities. Horizon3.ai’s pentesting reveals security posture blind spots such as easily compromised credentials, exposed data, misconfigurations, poor security controls, and weak policies. It then prioritizes the attack paths with the greatest potential impact on the organization in the event of a breach, so that teams know what to fix first, how to fix it, and how to verify remediation. This prevents security resources from being diverted into finding and remediating non-exploitable vulnerabilities.
NodeZero requires no agents or special hardware. It is a true self-service SaaS offering that is safe to run in production, supporting ongoing verification of security posture. No hardware or software to maintain; no persistent or credentialed agents required. Additionally, Horizon3.ai has substantially advanced autonomous security with several breakthroughs. The most recent of these include industry-leading capabilities added to NodeZero, enabling organizations to now perform cloud-focused pentests across their AWS and Azure environments. This capability adds to NodeZero’s internal and external pentests. Now, security and IT team members can quickly conduct thorough assessments of their entire digital ecosystem.
Earlier in 2024, Horizon3.ai breakthroughs also included NodeZero’s Rapid Response Service for Cyber Resilience, which provides early, actionable intelligence to counteract emerging exploits that target newly discovered software vulnerabilities which are typically not yet widely addressed. Another breakthrough includes NodeZero’s Phishing Impact testing that accurately assesses the actual, real-world consequences of compromised credentials within the user’s specific organization. Finally, Horizon3.ai added Pentesting Services for Compliance to their portfolio, aligning with government regulations, industry standards, new security frameworks, and security best practices.
“I’ve been very impressed with the NodeZero Rapid Response service for receiving early warning notifications of N-day and 0-day vulnerabilities via email. The quick, automated, and accurate notifications have been invaluable, allowing me to promptly assess my environment and implement recommended or compensating remediation strategies for critical vulnerabilities.” [Ryan Coots, Information Security Officer (ISO) at Desert Research Institution (DRI)]
“We had just completed our own penetration test, and I was super underwhelmed. Our scoring was low and there was nothing critical to report. Then we kicked off NodeZero, did a scan of our environment, and within a few hours we found a system that was not fully configured. As a result, NodeZero was able to compromise it, then move laterally through the environment, and ended up compromising our whole domain.” [Calvin Engen, Chief Technology Officer (CTO) at F12.net]
In Summary
Horizon3.ai’s NodeZero™ autonomous security platform empowers organizations to continuously find, prioritize, fix, and verify remediation of their exploitable attack surfaces and vulnerabilities. Set up and start your first NodeZero pentest in minutes, and schedule pentests to run every day thereafter for continuous risk assessment. To see how easy it is to find and fix your network’s exploitable weaknesses, register for a free NodeZero trial by visiting: https://portal.horizon3ai.com/trial?dd_uid=c7258741-832b-4d2c-8ff3-bb34959fa058 and find them online at Twitter(X): @Horizon3ai #autonomous #pentesting #vulnerabilities
About the Author
Gary Miliefsky is the publisher of Cyber Defense Magazine and a renowned cybersecurity expert, entrepreneur, and keynote speaker. As the founder and CEO of Cyber Defense Media Group, he has significantly influenced the cybersecurity landscape. With decades of experience, Gary is a founding member of the U.S. Department of Homeland Security, a National Information Security Group member, and an active adviser to government and private sector organizations. His insights have been featured in Forbes, CNBC, and The Wall Street Journal, as well as on CNN, Fox News, ABC, NBC, and international media outlets, making him a trusted authority on advanced cyber threats and innovative defense strategies. Gary’s dedication to cybersecurity extends to educating the public, operating a scholarship program for young women in cybersecurity, and investing in and developing cutting-edge technologies to protect against evolving cyber risks.
Source: www.cyberdefensemagazine.com