Horizon3.ai It announced that it has expanded the capabilities of its NodeZero platform to include external penetration testing.
With this improvement, Horizon3.ai is the first self-service penetration testing platform to offer enterprises both internal and external penetration testing in a single self-service platform.
“As threat actors continue to develop their tools and techniques to evade detection within an enterprise network, it is imperative to shift from a peacetime to a wartime security mindset. The only way to stay ahead is the only way to stay ahead of the curve,” said Sinhal Antani, CEO and co-founder of Horizon3.ai. Attackers are constantly trying to exploit every attack path in and out of the environment.
“Horizon3.ai’s mission has always been to help organizations strengthen their security systems and improve security controls. By expanding NodeZero’s capabilities to include both internal and external penetration testing, organizations have full visibility into their cyber risk profile, allowing them to quickly fix anything that can be exploited.” Then check to remove it.
Horizon3.ai’s NodeZero independent penetration testing platform continuously evaluates an organization’s internal infrastructure and external attack surface, identifying ways in which an attacker can accumulate acquired credentials, misconfigurations, default failures of dangerous products, and exploitable vulnerabilities to compromise systems and data. By expanding NodeZero’s capabilities to include both internal and external penetration testing, organizations can now assess all of their assets — including on-premises, cloud, and hybrid, on and off the perimeter.
When you combine internal and external penetration testing results, organizations have a true understanding of their cyber risk profile across their entire environment.
NodeZero offers businesses the following benefits:
- Check if public-facing assets open doors to ransomware exposure Ransomware attacks have become democratised, with criminal groups creating ransomware-as-a-Service (RaaS) operations, renting ransomware to affiliates who in turn launch attacks against organizations and pay “property rights” to RaaS providers. With NodeZero, organizations will understand the attack paths that ransomware actors can exploit to penetrate the periphery, move sideways within the network, and access “crown jewel” data.
- Visualize risk and impact See the risks and impact of improperly configured third-party apps and weak or default credentials that an attacker will use to compromise your surroundings. Credit attacks are the fastest growing attack path worldwide, and NodeZero will independently and securely attack your public assets so you know where your most serious problems are.
- Improve asset management and eliminate Shadow IT With NodeZero, organizations can constantly discover their public assets, hybrid cloud assets, and internal assets. NodeZero allows organizations to understand and visualize the real risks posed by these assets based on real-world exploitation rather than just theoretical risk.
- Understand the risks of third parties and the supply chain NodeZero can be run continuously, both internally and externally, providing an immediate understanding of third party and supply chain risks.
- Save time and resources Penetration tests can be set up within minutes and executed as often as needed. NodeZero quickly identifies exploitable internal and external attack vectors and ineffective security controls. No extensive tuning, training, or certifications are required, and results are prioritized with proof, so time and resources can be spent figuring out only what matters.
- Ongoing security assessments – NodeZero is the purple partner of every organization on the team, coordinating hundreds of attack tools and techniques across an entire environment to sequence attack paths and demonstrate true risk and impact. This is not an annual compliance checkbox or a limited snapshot in time. Independent penetration tests can be automated with NodeZero and run as needed to ensure that the blue and red teams can focus and complement each other’s efforts.