Year in Review 2022

Through the Eyes of the Attacker

Pentests Run

Assets Assessed

Of Which

Of Which

Of Which

Related to Critical Impacts

As Part Of

As Part Of

Attack Paths to Impact

Print Report

Letter from the Authors

Welcome to the inaugural edition of Horizon3.ai’s Year in Review for 2022!

The Horizon3.ai Customer Threat Analytics Team would like to use this opportunity to share with you a fresh perspective on the cybersecurity landscape as we see it – through the eyes of an attacker. This allows our customers to ask themselves:

  • What does my environment look like?
  • Are my security tools effective?
  • Did we detect the right actions?
  • Are we logging the right things?
  • Is my sensitive data, or are my crown jewels and keys to the kingdom, safe?
Horizon3.ai asserts that the only way to get honest, accurate, and relevant answers to these questions is by taking an attacker’s perspective and routinely attacking our respective environments as a nefarious cyber threat actor would. This helps us and our customers find what is exploitable, fix what matters, and consequentially verify those fix actions.

To that end, we would like to share with you that fresh perspective by illustrating how our customers, across multiple industries and sectors, use NodeZero to find, fix, and verify exploitable misconfigurations and vulnerabilities in their environment with real-world tactics, techniques, and procedures used by attackers. Further, we will share with you the implications of the weaknesses or vulnerabilities found and the policy recommendations that we have for our customers and those that are seeking to improve their security posture.

Finally, we would like to say thank you to all the amazing customers and partners that work with us daily to constantly improve our capability and product. We hope that you find this report both insightful and useful.


-The Horizon3.ai Customer Threat Analytics Team