Overview
Horizon3.ai pioneered the use of AI to hack organizations. The team, which originated from US Special Operations, built an autonomous pentesting product called NodeZero. NodeZero continuously assesses an enterprise's attack surface, identifying ways an attacker could chain together harvested credentials, misconfigurations, dangerous product defaults, and exploitable vulnerabilities to compromise systems and data.
NodeZero is a true self-service SaaS offering that is safe to run in production and requires no persistent or credentialed agents. NodeZero can help organizations identify ineffective security controls and ensure limited resources are spent fixing problems that can actually be exploited.
Supernova Award Category
Tech Optimization and Modernization
The Problem
Everyone will inevitably experience a cyberattack at some point, which is why it’s crucial to harden your security system by finding and fixing attack vectors before criminals can exploit them.
Traditionally, exercising and testing the security of an enterprise could require expert human-in-the-loop penetration testing which takes weeks to execute, only assesses a small sample of your enterprise, and then requires you to re-engage the consultants to verify you’ve fixed a finding. This approach is outdated.
Today, most security tools are noisy, full of false positives, require persistent credentialed agents, and impose an enormous training and maintenance demand on IT and security teams. Security teams are overwhelmed with the non-contextual reports and dashboards these tools provide, which wastes a lot of valuable time and resources chasing vulnerabilities that don’t pose a real threat to their business.
For every ‘critical’ issue a security tool identifies, senior-most IT and security experts must go through and investigate the true risk to their critical data and systems only to find that most of those so-called ‘critical’ findings are not actually exploitable, cannot lead to a critical impact, or would have been successfully blocked by your security tools.
The truth of the matter is: the hardest part of the job in cybersecurity is deciding what NOT to do.
The Solution
In order to ensure that companies stay safe in the face of cyberthreats, it was time to fundamentally rethink the way penetration tests are conducted. Today it’s possible to capture the in-depth knowledge, insights, and practices of the best pentesters and model them in software.
Horizon3.ai’s autonomous pentesting platform, NodeZero, models the behaviors of attackers in software, capturing the various paths they take to break into corporate networks. The result is a software-as-a-service (SaaS) platform that performs automated, autonomous penetration tests on demand.
Autonomous pentesting brings numerous benefits over traditional testing. For one, customers can run pentests as often as they want, even multiple times per week. It’s a self-service platform, with little overhead for IT groups. Now there’s no need to wonder if they’re susceptible to whatever the latest threat is. They can quickly run a pentest and find out.
The Results
Horizon3.ai built an autonomous pentesting product called NodeZero that was able to successfully hack a bank in 7 minutes and 19 seconds. No humans were involved, no custom software was developed, and there was no “cheating” – the algorithms were not told anything about the bank’s environment. In those 7 minutes, NodeZero was able to map the environment (called reconnaissance), successfully capture user IDs & passwords, and chain together software misconfigurations and vulnerabilities to become a Domain Administrator, which means NodeZero had the keys to the kingdom and could have destroyed data, locked out users, and shut down critical business systems. Shockingly this bank had the latest cybersecurity tools, but not a single security alert was triggered because these tools from many vendors were not designed to work together. These tools are easy to misconfigure and can be hard to learn to use properly.
NodeZero is used by the good guys as a “sparring partner” to help organizations quickly find & fix the holes in their cybersecurity tools & processes. But the bad guys are also trying to apply AI as a cyber weapon, and there is an arms race brewing between AI-based attack and AI-based defense.
The more pentests NodeZero executes, the smarter it gets, which will help organizations constantly have a pulse on whether there are any exploitable vulnerabilities in their environment.
Metrics
Traditional vulnerability assessment solutions at mid-sized organizations (~2500 IPs) would require multiple products & services totaling $300k+ annually to achieve results. This can be done at a fraction of the cost with Horizon3.ai, as it delivers a true SaaS “turn-key” solution requiring zero administration. NodeZero eliminates the need for siloed tools and costly consultants which inevitably incur additional maintenance footprint and training debt on an organization’s annual budget.
Customers have seen the following business outcomes:
- Displaced annual $25K PCI DSS Scoping and Segmentation tests, allowing for the reallocation of funds
- Saved an average of 20+ hours/month creating and managing runbooks and agents, equivalent to 1.5+ months of labor (~$20K/year)
- NodeZero saved 2+ years of prior wasted labor ($240K) chasing unexploitable vulnerabilities, enabling a 4-person team to operate like a 20-person Purple Team
The Technology
NodeZero is an autonomous penetration testing platform that continuously assesses an enterprise's attack surface, identifying ways an attacker could chain together harvested credentials, misconfigurations, dangerous product defaults, and exploitable vulnerabilities to compromise systems and data. NodeZero helps organizations focus on fixing problems that can actually be exploited, saving time and resources spent chasing false positives.
Disruptive Factor
We see our base competitors among automated and manual pentesting companies, and we’ve been able to displace and supplant other cybersecurity companies with differing capabilities who are frustrating their customers.
- Closest competitors (Pcysys, Randori, etc.) execute automated pentesting and continuous attack surface management (BishopFox, Cycognito, etc.).
While each of them focused early on public-facing external pentesting, we focused on the hard part: internal attacks. Our product, NodeZero, treats every operation like a new knowledge graph, uniquely crafted, but commonly assembled. As such, it is built to scale fast based on our Findings/Attack Routines/Modules (FARMs) foundation. Because our attack content is based on tactic and technique rather than scripted paths, we are able to add FARM content to our base model and go deeper (post-exploitation, local machine telemetry, control validation) and broader (hybrid cloud, IoT, ICS/SCADA (OT)), providing more control, more speed, and more coverage to our customers now and into the future.
Shining Moment
NodeZero gives IT administrators and network engineers security superpowers, enabling them to operate like ethical hackers with 20 years of experience and act as a force multiplier for MSP and MSSP partners. Horizon3.ai’s vision is to deliver continuous attack paired with continuous defense, the ultimate purple team, executing an integrated learning loop (find, fix, verify) that gets smarter with every interaction, all delivered as an autonomous security platform.
