Episode Summary
In this episode, we welcome Alex Diaz. Alex is the Customer Success Lead at Horizon3.ai’s. He has extensive experience in intelligence positions with the US Military and Government. Horizon3.ai’s mission is to help you find and fix your attack vectors before criminals exploit them.
We go over what penetration testing, also know as pentesting, entails and how it helps organizations looking to test and improve their cybersecurity. Then we go into how it has been done traditionally and what new technology advances are happening today to revolutionize the whole process. NodeZero, Horizon3.ai’s automated penetration testing solution, enables organizations to continuously assess the security posture of their enterprise, including external, identity, on-prem, IoT, and cloud attack surfaces.
The important use-cases for autonomous penetration include:
- Validate security tools in place are properly configured and working.
- Determine if vulnerabilities in your system have a high risk to the environment.
- After patching or making system changes, an autonomous pentest can ensure everything is working correctly.
- Continuously test your systems in a systematic way, allowing organizations to benchmark and track success over time.
The top areas of weakness Alex and Horizon3.ai see in companies are shared in their 2022 year in review report. After analyzing 7,000 pentests from last year, these are the top 3:
- Weak credential policies
- Patching and incorrect configurations
- Lack of properly tuned security tools
An autonomous penetration test is not designed to simply replace a human penetration tester, but rather help them make the most of their time and better help the end customer. By combining physical penetration tests and social engineering with an autonomous penetration test, organizations can ensure they are protected from all angles.
Video Version
Listen to more episodes at www.airiam.com/podcast, on Spotify, Apple Podcasts, Google Podcasts, Amazon Music, and other podcast platforms.
