Stephen Gates

Horizon3.ai

Master cloud security with NodeZero™ Cloud Pentesting. Easily uncover vulnerabilities across AWS and Azure, prioritize identity risks, and secure your environment in just minutes. Stay ahead of threats. The post Mastering Cloud Security: Uncovering Hidden Vulnerabilities with NodeZero™ appeared first on Horizon3.ai ... Read More

How Horizon3.ai’s Rapid Response Identified and Mitigated a Critical Mirth Connect Vulnerability A key consideration in cybersecurity is determining whether a known software vulnerability is actually exploitable. This often depends on how and where the at-risk software is deployed in your environment. To address the need to find what’s exploitable, ... Read More

Traditional vulnerability scanning tools are enhanced with NodeZero's autonomous penetration testing, revolutionizing Vulnerability Management by providing comprehensive risk assessment, exploitability analysis, and cross-host vulnerability chaining, empowering organizations to prioritize and mitigate security weaknesses strategically. The post Enhancing Vulnerability Management: Integrating Autonomous Penetration Testing appeared first on Horizon3.ai ... Read More

On April 12 (and then updated again on April 20), Palo Alto Networks released an advisory about a vulnerability in the PAN-OS® software that runs Palo Alto Networks® Next-Generation Firewalls (NGFWs). The post NodeZero: Testing for Exploitability of Palo Alto Networks CVE-2024-3400 appeared first on Horizon3.ai ... Read More

In early 2023, CISA launched their Ransomware Vulnerability Awareness Pilot (RVWP). It’s designed to warn critical infrastructure (CI) entities that their systems have exposed vulnerabilities that may be exploited by ransomware threat actors. The plan is to identify affected systems that may be prevalent in CI networks, then notify operators ... Read More

When it comes to IT security initiatives, many enterprises struggle to quantify business value and return on investment (ROI), often viewing their security spend solely as an insurance expense – a must-have in today’s world of compliance regulations and inevitable cyberattacks. But by implementing the right solutions, organizations can mitigate ... Read More

To say that 2020 was an unusual year would be an understatement. Business, government, healthcare, and education drastically changed with many organizations making massive digital transformations that were completely unplanned in many cases. The modifications nearly every organizations had to make were primarily driven by events outside of anyone’s control ... Read More

As federal agencies develop more online services and systems to meet the mission of the U.S. government, their appetite and need to develop and deploy secure software applications rapidly continues to grow. Many agencies are embracing DevSecOps and cloud services as a way to release these applications quickly; however, the ... Read More

The proliferation of software applications is accelerating due to the use of APIs, which have become the technological vascular system (so to speak) of nearly every application and online service. From mobile apps to backend servers, and from one online service to another, huge amounts of users’ interactions and data ... Read More

Today’s cybersecurity and software development students spend years in the classroom honing their skills for gainful employment once they graduate. They’re being equipped with deep knowledge of application vulnerabilities, real-world attack scenarios, and extensive software development expertise that includes secure coding practices. The many students the universities are educating today ... Read More