Horizon3.ai enhances penetration testing with integrated threat detection

NodeZero Tripwires: Vulnerabilities are identified during a simulated attack, and digital tripwires are strategically placed at these points to trigger alerts during a real attack.

  • Wednesday, 11th September 2024, by Phil Alsop

The cyber security company Horizon3.ai has unveiled a new security concept called ‘NodeZero Tripwires’, which it describes as ‘revolutionary for the entire industry’. For the first time, during a simulated attack on a corporate network – known in industry jargon as a penetration test or pentest for short – ‘digital tripwires’ are automatically laid out as pitfalls for real attackers. The trick: During the simulation, NodeZero automatically detects which paths through the IT network are most vulnerable to attack. It then places the tripwires along those paths. When a real attacker approaches, the system immediately sounds an alarm if a 'tripwire' is broken, and alerts security teams so they can respond quickly.

Introducing a New Era in Cybersecurity

"Our new concept is pioneering a new era of cybersecurity," says Dennis Weyel, International Technical Director responsible for Europe at Horizon3.ai. He explains, "By providing a precisely placed early warning system for insecure attack paths during a pentest, NodeZero Tripwires significantly enhances a company's security posture and allows for stopping attack attempts in progress."

The concept is ingenious. During the pentest, NodeZero Tripwires automatically sets traps by distributing particularly enticing placebo information, such as fake files or non-functional login credentials, at vulnerable points in the network. These traps, known as "honeypots" in technical jargon, lure cybercriminals in—much like real honey attracts flies. As hackers approach the trap, they inadvertently trigger the strategically placed digital tripwires, allowing them to be stopped before they can cause any real damage.

Dennis Weyel draws a vivid comparison: "The Tripwires approach is similar to a home security system, where the first step is to systematically assess the most likely entry points for a burglar, and then install motion detectors along all the high-risk paths." He emphasises, "These paths aren't based on assumptions but are identified through simulated break-ins or pentests, grounded in facts. NodeZero Tripwires equips the entire house with an early warning system tailored specifically to that building."

Addressing Critical Gaps in Vulnerability Management

The new concept is particularly helpful in cases where a software vulnerability is known but cannot be fixed immediately. The software manufacturer must first analyse the vulnerability and then develop and test a program to address the issue. The time between discovering the vulnerability and providing a patch to fix it (Mean Time to Remediate, MTTR) averages around 58 days*. During these nearly two months, the IT networks of affected companies are largely defenseless against cybercriminals, who typically exploit this window of time. "In a pentest with NodeZero Tripwires, these vulnerabilities are identified and carefully secured with digital tripwires to detect and respond to any attack attempt immediately," explains Dennis Weyel, highlighting the innovative new approach to protecting corporate networks.

“NodeZero Tripwires represents a significant leap forward for organisations aiming to secure their systems during a critical window of exploitability,” explains Snehal Antani, CEO of Horizon3.ai. “The hardest part of building an early warning network is figuring out where to deploy decoys. By using pentest results as a guide, customers can now seamlessly deploy honey tokens – fake AWS credentials, Azure tokens, sensitive command tokens, kubeconfig files, etc – onto servers and file shares that are likely to be exploited, maximising signal and minimising noise. This fusion of autonomous pentesting and advanced threat detection distinguishes NodeZero Tripwires as a groundbreaking approach in the fight against cyber threats.”

The use of honeypot traps isn’t entirely new, admits Dennis Weyel, "but until now, they have been deployed in networks based on rigid rules, without specifically targeting the truly critical entry points." This often led to false alarms, burdening security teams with unnecessary warnings. He says, "NodeZero Tripwires represents a radical departure from these outdated methods by autonomously identifying vulnerabilities as part of the penetration testing process."

According to the manufacturer, NodeZero Tripwires offers seamless integration with common Security Information and Event Management (SIEM) programs and other security tools. This allows the tripwire alerts to be effortlessly incorporated into security-related workflows.
