Download PDF
Horizon3.ai
Overview
HQ Location
United States
Year Founded
2019
Company Type
Private
Revenue
$10-100m
Employees
51 - 200
Website
Twitter Handle
Company Description
Horizon3.ai provides an autonomous Penetration Testing solution. The company offers NodeZero which enables organizations to continuously assess the security posture of their enterprise, including external, identity, Internet of Things, and cloud attack surfaces. It primarily serves the cybersecurity sector.
IoT Snapshot
Horizon3.ai is a provider of Industrial IoT cybersecurity and privacy, and wearables technologies, and also active in the equipment and machinery, healthcare and hospitals, and national security and defense industries.
Technologies
Use Cases
Functional Areas
Industries
Services
Technology Stack
Horizon3.ai’s Technology Stack maps Horizon3.ai’s participation in the cybersecurity and privacy, and wearables IoT Technology stack.
-
Devices Layer
-
Edge Layer
-
Cloud Layer
-
Application Layer
-
Supporting Technologies
Technological Capability:
None
Minor
Moderate
Strong
Case Studies.
Case Study
Overcoming Misreporting Tools: A Case Study on Patch Management in a Teaching Hospital
A teaching hospital, despite having a diligent IT team that tracked security updates and promptly patched critical issues using industry-leading tools, found itself in a precarious situation. The team was confident that they had patched a critical vulnerability, known as ZeroLogon, months earlier. They even had reports from Qualys and Microsoft DISM, both industry-leading tools, to back up their claim. However, when NodeZero exploited this supposedly patched vulnerability in under a day on several of their Active Directory domain controllers, the IT team insisted it was a false positive. NodeZero, on the other hand, had evidence of a detailed attack chain showing each step taken to get credentials, escalate privileges, and gain administrative rights to Active Directory. This discrepancy led to the hospital reapplying the patch and repeating the NodeZero autonomous pen test.
Case Study
Maximizing Security with Minimum Effort: A Case Study on Horizon3.ai and NodeZero
The IT technical champion at a global manufacturing company was aware of the organization's security vulnerabilities despite having no existing compliance issues. The team was limited by budget constraints, only able to afford one penetration test per year. This was a significant challenge as the company's attack surface was expanding due to their growing IoT footprint. The organization needed a solution that could identify and address these vulnerabilities effectively and efficiently, without requiring significant resources or disrupting their operations.
Case Study
Enhancing Security in Medical Clinic with NodeZero
A medical clinic with over 120 providers was facing a significant security challenge. Despite using best-in-class endpoint detection and response (EDR) software, the clinic was still vulnerable to cyber threats. NodeZero, a security solution, was able to identify a device’s Local Security Authority Subsystem Service Process (LSASS), dump and crack user credentials, move laterally, and gain Windows Domain Administrator privileges. This resulted in full domain rights, a situation that should have been detected and blocked by the EDR. Upon investigation, it was discovered that the EDR solution was misconfigured on several devices. Additionally, the clinic had neglected to purchase an add-on module designed to alert on lateral movement. The clinic also faced challenges in patch management. While they recognized the urgency to install updates to their infrastructure, understanding what to patch, what to defer, and ensuring that patches remediate weaknesses was a complex task.