Suppliers United States Horizon3.ai
This profile is not managed yet, if you would like to manage
this profile, please contact us at team@asiagrowthpartners.com
Horizon3.ai Logo

Horizon3.ai

United States
San Francisco
2019
Private
$10-100m
51 - 200
Open website

Horizon3.ai provides an autonomous Penetration Testing solution. The company offers NodeZero which enables organizations to continuously assess the security posture of their enterprise, including external, identity, Internet of Things, and cloud attack surfaces. It primarily serves the cybersecurity sector.

Read More
Horizon3.ai is a provider of Industrial IoT cybersecurity and privacy, and wearables technologies, and also active in the equipment and machinery, healthcare and hospitals, and national security and defense industries.
Technologies
Cybersecurity & Privacy
Endpoint Security
Intrusion Detection
Wearables
Tags & Patches
Use Cases
Intrusion Detection Systems
Inventory Management
Tamper Detection
Functions
Quality Assurance
Industries
Equipment & Machinery
Healthcare & Hospitals
National Security & Defense
Services
Cybersecurity Services
Testing & Certification
Horizon3.ai’s Technology Stack maps Horizon3.ai’s participation in the cybersecurity and privacy, and wearables IoT technology stack.
  • Application Layer
  • Functional Applications
  • Cloud Layer
  • Platform as a Service
    Infrastructure as a Service
  • Edge Layer
  • Automation & Control
    Processors & Edge Intelligence
    Actuators
    Sensors
  • Devices Layer
  • Robots
    Drones
    Wearables
  • Supporting Technologies
  • Analytics & Modeling
    Application Infrastructure & Middleware
    Cybersecurity & Privacy
    Networks & Connectivity
Technological Capability
None
Minor
Moderate
Strong
Number of Case Studies3
Overcoming Misreporting Tools: A Case Study on Patch Management in a Teaching Hospital
A teaching hospital, despite having a diligent IT team that tracked security updates and promptly patched critical issues using industry-leading tools, found itself in a precarious situation. The team was confident that they had patched a critical vulnerability, known as ZeroLogon, months earlier. They even had reports from Qualys and Microsoft DISM, both industry-leading tools, to back up their claim. However, when NodeZero exploited this supposedly patched vulnerability in under a day on several of their Active Directory domain controllers, the IT team insisted it was a false positive. NodeZero, on the other hand, had evidence of a detailed attack chain showing each step taken to get credentials, escalate privileges, and gain administrative rights to Active Directory. This discrepancy led to the hospital reapplying the patch and repeating the NodeZero autonomous pen test.
Maximizing Security with Minimum Effort: A Case Study on Horizon3.ai and NodeZero
The IT technical champion at a global manufacturing company was aware of the organization's security vulnerabilities despite having no existing compliance issues. The team was limited by budget constraints, only able to afford one penetration test per year. This was a significant challenge as the company's attack surface was expanding due to their growing IoT footprint. The organization needed a solution that could identify and address these vulnerabilities effectively and efficiently, without requiring significant resources or disrupting their operations.
Enhancing Security in Medical Clinic with NodeZero
A medical clinic with over 120 providers was facing a significant security challenge. Despite using best-in-class endpoint detection and response (EDR) software, the clinic was still vulnerable to cyber threats. NodeZero, a security solution, was able to identify a device’s Local Security Authority Subsystem Service Process (LSASS), dump and crack user credentials, move laterally, and gain Windows Domain Administrator privileges. This resulted in full domain rights, a situation that should have been detected and blocked by the EDR. Upon investigation, it was discovered that the EDR solution was misconfigured on several devices. Additionally, the clinic had neglected to purchase an add-on module designed to alert on lateral movement. The clinic also faced challenges in patch management. While they recognized the urgency to install updates to their infrastructure, understanding what to patch, what to defer, and ensuring that patches remediate weaknesses was a complex task.
Download PDF Version
test test