Horizon3.ai - Automated Pen Testing as a Service

Documentation

The SUNBURST attack sent shockwaves across the world and cyberspace due to its depth and breadth. It was a validation of something that has been echoed since the dawn of crime:

It's not a matter of if, but when...

We at Horizon 3 AI are experienced practitioners of IT Operations, Cyber Defense, AND Cyber Offense. We know the struggles and hardships you face.

We are here to help, with a FREE offering called: Post-Breach Assessment (PBA)

PBA leverages the same capabilities as our NodeZero service, but focuses the results on potentially exposed credentials and data resources in your environment.

Understanding the data and credentials you are exposing to an attacker is critical to protecting them. Use this lens into your security posture to:

  • Identify weak and/or default credentials on hosts and services.
  • Identify data resources an attacker could access, destroy, and/or modify.

PBA recons and maneuvers using the same tactics as an attacker, chaining together harvested credentials + misconfigurations + dangerous defaults + exploitable vulnerabilities.

At the end of the operation, you will be provided with the discovered usernames, masked passwords, hashes and data repositories (file shares, databases, etc.) that were found in your environment.

We highly recommend running our Post-Breach Assessment on a regular basis to verify improvement in your security posture. New attack content is being added to operations on a constant basis, so you know you're seeing what an attacker could see.

To get started you can follow the Getting Started guide. The setup is almost identical to NodeZero, except you'll choose "Run a Post-Breach Assessment" instead of "Run a Pen Test."

Run a Post-Breach Assessment