Horizon3.ai, a pioneer in autonomous security solutions, has launched its first-to-market Phishing Impact test capability within Nodezero. This new capability marks a significant advancement in penetration testing, addressing what the company believes to be a critical gap in understanding the real-world implications of phished credentials.
Horizon3.ai Co-Founder and CEO Snehal Antani said: “Phishing is the most common type of cyber attack. Today there are over 1.35 million unique phishing sites detected worldwide. Every day, IT and security teams leverage sophisticated, state-of-the-art security training and in-house phishing tests to raise security awareness and identify susceptible human targets, yet every day, new attacks succeed because humans are naturally responsive, and attacks are increasingly sophisticated. Our Phishing Impact test is first-to-market and gives you the ammunition required to drive meaningful improvements to reduce the credential attack surface of your organisation.”
Business leaders often dismiss the threat of entry-level employees who click on malicious links, leading to frustration by IT and security organisations. The Phishing Impact test delivered by Nodezero can help those IT and security teams accurately convey the “blast radius” of those phished credentials, proving that sensitive data was indeed at risk.
“The Nodezero Phishing Impact test is the natural complement to supplement phishing tools such as Knowbe4, Proofpoint, Infosec IQ, Mimecast, and in-house initiatives, and it represents the next step in responsible cybersecurity diligence,” said Stephen Gates, Principal Security SME at Horizon3.ai. “Organisations can now prove the end-to-end impact when an intern’s credentials were phished during a training exercise.”
By adding a few lines of Javascript code provided by Nodezero to phishing pages created using popular testing tools, organisations can automatically channel captured credentials into an active Nodezero penetration test. This test then utilises those phished credentials in conjunction with exploitable security weaknesses discovered by Nodezero as part of its attack against the network.
The outcome is a comprehensive report detailing the impact of each phished credential, offering organisations unprecedented insights into their security posture. This not only enhances their understanding of potential threats but also drives effective improvements to safeguard their systems against real-world attacks.
Horizon3.ai’s Phishing Impact test with Nodezero is thought to be a first-of-its-kind tool, equipping organisations with the knowledge and resources to proactively address vulnerabilities in their cyber security defences.
