Horizon3.ai, a leading provider of autonomous security solutions, marked the close of the first six months of 2024 with a celebration of the Company’s growth across all dimensions. The NodeZero™ autonomous penetration testing platform lets organizations identify exploitable vulnerabilities across their internal, external, and cloud environments. It also provides detailed guidance on prioritizing and addressing discovered security issues, and enables users to instantly verify the effectiveness of their fixes.
New NodeZero features, services, and extensions added in 1H:2024 include:
Phishing Impact Testing: precisely identifies the “blast radius” of compromised credentials, demonstrating the potential consequences when attackers gain access to them.
Pentesting Services for Compliance: Meets both internal and external cyber risk assessment and pentesting requirements, aligning with government regulations, industry standards, new security frameworks, and security best practices. This service combines the expertise of Horizon3.ai’s Offensive Security Certified Professional (OSCP) pentesters with the power of NodeZero’s autonomous pentesting to achieve and sustain compliance.
Rapid Response Service for Cyber Resilience: Gives NodeZero users a strategic advantage with early, actionable intelligence to counteract emerging exploits targeting newly discovered and not yet widely addressed software vulnerabilities. NodeZero users receive tailored intelligence on emerging vulnerabilities and can launch targeted tests to measure their exploitability.
Executive Team Expansion: Several executive-level appointments were made to support Horizon3.ai’s rapid growth as a leader in autonomous cybersecurity solutions. These include:
- Matt Hartley as Chief Revenue Officer (CRO)
- Jill Passalacqua as Chief Legal Officer (CLO)
- Erick Dean as Vice President of Product Management
- Drew Mullen as Vice President of Revenue Operations
- Torie Runzel as Vice President of People
Awards and Recognitions: Horizon3.ai received several prestigious industry recognitions and honors during the first half of 2024. These include:
- Inclusion in the CRN®2024 Partner Program Guide
- Govies Award from Security Today Magazine for Autonomous Penetration Testing
- 2024 Cybersecurity Excellence Awards for Autonomous Penetration Testing
- Cloud Security Awards for Best Vulnerability Assessment Solution
- ChannelVision’s Visionary Spotlight Award for Top Innovation
- ChannelVision’s Visionary Spotlight Award for Cybersecurity
- AI Global Excellence Award for Best Computer & Network Security Firm 2024
- Rising in Cyber Award for Top 30 Mid Stage Startups in Cybersecurity
- Intellyx Digital Innovator Award
Industry Research Contributions: Horizon3.ai’s expert threat researchers conduct deep-level vulnerability research, develop proofs of concept exploits, and provide indicators of compromise that enable organizations to vastly improve their cybersecurity initiatives. The following research was published in the first half of 2024.
Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces – June 14, 2024
CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution – June 12, 2024
CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X – June 4, 2024
CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive – May 28, 2024
CVE-2023-34992: Fortinet FortiSIEM Command Injection Deep-Dive – May 20, 2024
CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive – March 21, 2024
Fortinet FortiWLM Deep-Dive, IOCs, and the Almost Story of the “Forti Forty” – March 14, 2024
NextChat: An AI Chatbot That Lets You Talk to Anyone You Want To – March 11, 2024
CVE-2024-1403: Progress OpenEdge Authentication Bypass Deep-Dive – March 6, 2024
ConnectWise ScreenConnect: Authentication Bypass Deep Dive – February 21, 2024
Rust Won’t Save Us: An Analysis of 2023’s Known Exploited Vulnerabilities – February 6, 2024
CVE-2024-23897: Assessing the Impact of the Jenkins Arbitrary File Leak Vulnerability – January 29, 2024
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive – January 23, 2024
Analysis of CVE-2023-43208: NextGen Mirth Connect Pre-Auth RCE – January 12, 2024
Analysis of CVE-2023-39143: PaperCut WebDAV Vulnerability – January 12, 2024
“We’ve had a stellar first half of 2024, adding three new capabilities to our solution portfolio, expanding our senior leadership team with some of the industry’s best talent, competing for and winning numerous awards, and delivering unprecedented industry research to the cyber community,” said Snehal Antani, CEO and Co-Founder at Horizon3.ai. “We are thrilled with the market reception and recognition that Horizon3.ai and NodeZero are receiving, and we look forward to an even more successful second half of the year.”
About Horizon3.ai
The NodeZero™ platform empowers organizations to continuously find, fix, and verify exploitable attack surfaces. It is the flagship product of Horizon3.ai, founded in 2019 by former industry and U.S. National Security veterans. Our mission is to help organizations see their networks through the eyes of the attacker and proactively fix problems that truly matter, improve the effectiveness of their security initiatives, and ensure that they are prepared to respond to real cyberattacks.
Additional Resources:
To see the Total Economic Impact™ of the NodeZero Platform Study, a recent analysis performed by Forrester Consulting, visit: https://www.horizon3.ai/tei-study/
Visit https://www.horizon3.ai/ for a free trial.
