Artificial Intelligence | News | Insights | AiThority

Horizon3.ai’s NodeZero Analytics Unleashes and Extends the Power of NodeZero’s Advanced Pentesting and Analysis

Yields Deeper Insights, and Answers the Top Questions Every CISO and Security Team Ask: “What’s Exposed?” “What Needs to Be Fixed First?” and “How Will We Do More With Less?”

Horizon3.ai, a leading cybersecurity firm specializing in autonomous penetration testing, launched a major product refresh, doubling down on its commitment to help organizations continuously verify their security posture.

“Our product investments focused on 3 key areas: first, to increase our attack surface coverage, which spans on-prem, multi-cloud, and perimeter, but now also includes advanced capabilities to ‘live off the land’ just as attackers do; second, to improve our AI explainability so that defenders (aka ‘Blue Teams’) can quickly understand how we successfully compromised their organization and focus their remediation efforts on security weaknesses that are actually exploitable; and finally, an API interface that allows users to integrate pentest results into existing security processes and workflows, including integration with their defensive tools to quickly identify potential blind spots in their detection and response,” said Snehal Antani, CEO and co-founder of Horizon3.ai.

Foundational to Horizon3.ai’s philosophy is to use offense to inform defense, a derivative of the military principle to “train like you fight” in order to be prepared for a real cyber attack. NodeZero, Horizon3.ai’s continuous penetration testing platform, enables organizations to test their infrastructure at scale by chaining together harvested credentials, misconfigurations, dangerous product defaults, and exploitable vulnerabilities to achieve critical impacts like domain compromise and sensitive data exposure.

“NodeZero was able to compromise a financial services organization in 7 minutes and 19 seconds. This customer purchased best-in-class security tools, yet few alerts were triggered, and defenders were unable to react fast enough to stop the attack. Security effectiveness is the critical initiative every enterprise should undertake to ensure they are getting the most impact out of their security investments, and the best way to verify that effectiveness is through continuous penetration testing. The alternative is to wait for a real breach to find out that you forgot to enable OS Credential Dumping in your EDR,” said Antani.

The updated user experience puts powerful new insights into security teams’ hands to make autonomous pentesting a force multiplier. At the heart of the refresh are detailed attack paths with proof of exploitation, prioritized fix actions, and 1-click verification that the remediation was successful.

“There are less than 5,000 OSCP-certified ethical hackers in the United States, and it takes 10 years of hands-on experience to become a senior penetration tester. Meanwhile demand for security testing has increased exponentially, so we have a fundamental supply versus demand problem – a spike in demand for security testing but an extreme shortage in the supply of experienced ethical hackers. This is where NodeZero fits in. Defenders have the power of self-service pentesting to harden their networks proactively, and red teams can use NodeZero to conduct reconnaissance and exploitation at scale so that they can focus on attack paths that humans are uniquely gifted to uncover,” said Tony Pillitiere, founding engineer at Horizon3.ai.

“NodeZero sets the conditions for a purple team culture,” said Monti Knode, VP of Customer Success at Horizon3.ai. “The new product refresh enables red and blue teams to quickly understand how an attacker could compromise the network while also showing where the defensive tools detected, logged, and stopped the attack. Or more likely, how the defensive tools failed to stifle the attack and what must be done to improve detection & response.”

Leading by example: During a recent autonomous pentest of a large enterprise, NodeZero successfully elevated privileges to become a domain administrator while also compromising the organization’s business email system. The autonomous attack took 30 minutes to execute, with no humans involved, and chained together a variety of techniques including:

  1. User enumeration combined with password spraying to compromise a domain user
  2. Dumping the SAM database by exploiting local admin privileges assigned to the domain user
  3. Reusing local admin credentials across multiple machines
  4. Discovering a domain administrator credential by dumping credentials in LSA on a neighboring machine
  5. Pivoting from domain admin to the Microsoft Azure Active Directory infrastructure (AzureAD)
  6. Gaining access to the domain administrator’s email, which did not have multi-factor authentication (MFA) enabled

“The sequence of events in this attack path is typical of APTs and ransomware organizations,” said Naveen Sunkavally, chief architect at Horizon3.ai. “What’s incredible is that this attack path isn’t hard coded as a runbook or predefined scripts anywhere in the product. Our machine learning techniques were able to figure out how to combine these different steps into an exploitable attack sequence safely in a production environment,” said Sunkavally. “Honestly, the hardest part of this problem is conveying these complex attacks in a way that allows an overwhelmed IT admin with no ethical hacking experience to understand exactly what to fix, and that was our focus in this product refresh.”
