X

A teaching hospital, despite having a diligent IT team that tracked security updates and promptly patched critical issues using industry-leading tools, found itself in a precarious situation. The team was confident that they had patched a critical vulnerability, known as ZeroLogon, months earlier. They even had reports from Qualys and Microsoft DISM, both industry-leading tools, to back up their claim. However, when NodeZero exploited this supposedly patched vulnerability in under a day on several of their Active Directory domain controllers, the IT team insisted it was a false positive. NodeZero, on the other hand, had evidence of a detailed attack chain showing each step taken to get credentials, escalate privileges, and gain administrative rights to Active Directory. This discrepancy led to the hospital reapplying the patch and repeating the NodeZero autonomous pen test.

The IT technical champion at a global manufacturing company was aware of the organization's security vulnerabilities despite having no existing compliance issues. The team was limited by budget constraints, only able to afford one penetration test per year. This was a significant challenge as the company's attack surface was expanding due to their growing IoT footprint. The organization needed a solution that could identify and address these vulnerabilities effectively and efficiently, without requiring significant resources or disrupting their operations.

A medical clinic with over 120 providers was facing a significant security challenge. Despite using best-in-class endpoint detection and response (EDR) software, the clinic was still vulnerable to cyber threats. NodeZero, a security solution, was able to identify a device’s Local Security Authority Subsystem Service Process (LSASS), dump and crack user credentials, move laterally, and gain Windows Domain Administrator privileges. This resulted in full domain rights, a situation that should have been detected and blocked by the EDR. Upon investigation, it was discovered that the EDR solution was misconfigured on several devices. Additionally, the clinic had neglected to purchase an add-on module designed to alert on lateral movement. The clinic also faced challenges in patch management. While they recognized the urgency to install updates to their infrastructure, understanding what to patch, what to defer, and ensuring that patches remediate weaknesses was a complex task.