Horizon3.ai enhances penetration testing with integrated threat detection

NodeZero Tripwires: Vulnerabilities are identified during a simulated attack, and digital tripwires are strategically placed at these points to trigger alerts during a real attack.

  • Wednesday, 11th September 2024 Posted 2 months ago in by Phil Alsop

The cyber security company Horizon3.ai has unveiled a new security concept called ‘NodeZero Tripwires’, which it describes as ‘revolutionary for the entire industry’. For the first time, during a simulated attack on a corporate network – known in industry jargon as a penetration test or pentest for short – ‘digital tripwires’ are automatically laid out as pitfalls for real attackers. The trick: During the simulation, NodeZero automatically detects which paths through the IT network are most vulnerable to attack. It then places the tripwires along those paths. When a real attacker approaches, the system immediately sounds an alarm if a 'tripwire' is broken, and alerts security teams so they can respond quickly.

Introducing a New Era in Cybersecurity

"Our new concept is pioneering a new era of cybersecurity," says Dennis Weyel, International Technical Director responsible for Europe at Horizon3.ai. He explains, "By providing a precisely placed early warning system for insecure attack paths during a pentest, NodeZero Tripwires significantly enhances a company's security posture and allows for stopping attack attempts in progress."

The concept is ingenious. During the pentest, NodeZero Tripwires automatically sets traps by distributing particularly enticing placebo information, such as fake files or non-functional login credentials, at vulnerable points in the network. These traps, known as "honeypots" in technical jargon, lure cybercriminals in—much like real honey attracts flies. As hackers approach the trap, they inadvertently trigger the strategically placed digital tripwires, allowing them to be stopped before they can cause any real damage.

Dennis Weyel draws a vivid comparison: "The Tripwires approach is similar to a home security system, where the first step is to systematically assess the most likely entry points for a burglar, and then install motion detectors along all the high-risk paths." He emphasises, "These paths aren't based on assumptions but are identified through simulated break-ins or pentests, grounded in facts. NodeZero Tripwires equips the entire house with an early warning system tailored specifically to that building."

Addressing Critical Gaps in Vulnerability Management

The new concept is particularly helpful in cases where a software vulnerability is known but cannot be fixed immediately. The software manufacturer must first analyse the vulnerability and then develop and test a program to address the issue. The time between discovering the vulnerability and providing a patch to fix it (Mean Time to Remediate, MTTR) averages around 58 days*. During these nearly two months, the IT networks of affected companies are largely defenseless against cybercriminals, who typically exploit this window of time. "In a pentest with NodeZero Tripwires, these vulnerabilities are identified and carefully secured with digital tripwires to detect and respond to any attack attempt immediately," explains Dennis Weyel, highlighting the innovative new approach to protecting corporate networks.

“NodeZero Tripwires represents a significant leap forward for organisations aiming to secure their systems during a critical window of exploitability,” explains Snehal Antani, CEO of Horizon3.ai. “The hardest part of building an early warning network is figuring out where to deploy decoys. By using pentest results as a guide, customers can now seamlessly deploy honey tokens – fake AWS credentials, Azure tokens, sensitive command tokens, kubeconfig files, etc – onto servers and file shares that are likely to be exploited, maximising signal and minimising noise. This fusion of autonomous pentesting and advanced threat detection distinguishes NodeZero Tripwires as a groundbreaking approach in the fight against cyber threats.”

The use of honeypot traps isn’t entirely new, admits Denney Weyel, "but until now, they have been deployed in networks based on rigid rules, without specifically targeting the truly critical entry points." This often led to false alarms, burdening security teams with unnecessary warnings. He says, "NodeZero Tripwires represents a radical departure from these outdated methods by autonomously identifying vulnerabilities as part of the penetration testing process."

According to the manufacturer, NodeZero Tripwires offers seamless integration with common Security Information and Event Management (SIEM) programs and other security tools. This allows the tripwire alerts to be effortlessly incorporated into security-related workflows.

Guardz expands in EMEA

Posted 2 days ago by Phil Alsop
Through a new partnership with Infinigate Cloud, Guardz will help to secure SMBs and support the MSP community across EMEA.
Data centre operators can now achieve the unparalleled speeds needed for the most demanding Artificial Intelligence (AI) applications, thanks to a...

Dell Technologies boosts AI for enterprises

Posted 2 days ago by Phil Alsop
Dell Technologies continues to make enterprise AI adoption easier with the Dell AI Factory, expanding the world’s broadest AI solutions portfolio....

AMD accelerates Exascale Computing

Posted 2 days ago by Phil Alsop
El Capitan, powered by the AMD Instinct MI300A APU, becomes the second AMD supercomputer to surpass the Exascale barrier, placing #1 on the Top500...
Global system integrator won over by simplicity, security and speed of the Cloudbrink service.
The Seeq platform will be leveraged to maximize production and increase energy efficiency across the largest biorefinery in Europe.
This global service forms part of the recently launched Intelligent Security portfolio and increases Logicalis' proactive threat-hunting capabilities...

Pure Storage invests in CoreWeave

Posted 4 days ago by Phil Alsop
Pure Storage and CoreWeave have announced Pure Storage’s strategic investment in CoreWeave to accelerate AI cloud services innovation. Alongside...