Actu
Horizon3.ai Enhances Penetration Testing with Integrated Threat Detection
September 2024 by Marc Jacob
The cyber security company Horizon3.ai has unveiled a new security concept called ‘NodeZero Tripwires’, which it describes as ‘revolutionary for the entire industry’. For the first time, during a simulated attack on a corporate network – known in industry jargon as a penetration test or pentest for short – ‘digital tripwires’ are automatically laid out as pitfalls for real attackers. The trick: During the simulation, NodeZero automatically detects which paths through the IT network are most vulnerable to attack. It then places the tripwires along those paths. When a real attacker approaches, the system immediately sounds an alarm if a ’tripwire’ is broken, and alerts security teams so they can respond quickly.
Introducing a New Era in Cybersecurity
The concept is ingenious. During the pentest, NodeZero Tripwires automatically sets traps by distributing particularly enticing placebo information, such as fake files or non-functional login credentials, at vulnerable points in the network. These traps, known as "honeypots" in technical jargon, lure cybercriminals in—much like real honey attracts flies. As hackers approach the trap, they inadvertently trigger the strategically placed digital tripwires, allowing them to be stopped before they can cause any real damage.
Addressing Critical Gaps in Vulnerability Management
The new concept is particularly helpful in cases where a software vulnerability is known but cannot be fixed immediately. The software manufacturer must first analyse the vulnerability and then develop and test a program to address the issue. The time between discovering the vulnerability and providing a patch to fix it (Mean Time to Remediate, MTTR) averages around 58 days*. During these nearly two months, the IT networks of affected companies are largely defenseless against cybercriminals, who typically exploit this window of time. "In a pentest with NodeZero Tripwires, these vulnerabilities are identified and carefully secured with digital tripwires to detect and respond to any attack attempt immediately," explains Dennis Weyel, highlighting the innovative new approach to protecting corporate networks.
According to the manufacturer, NodeZero Tripwires offers seamless integration with common Security Information and Event Management (SIEM) programs and other security tools. This allows the tripwire alerts to be effortlessly incorporated into security-related workflows.
