2024.03
Features/Enhancements
New Feature
We are thrilled to unveil the Rapid Response tests, a pioneering set of capabilities tailor-made to augment Horizon3.ai’s Rapid Response Program.
Rapid Response is a dedicated service from Horizon3 that proactively informs organizations of emerging, exploitable vulnerabilities relevant to assets previously scanned by NodeZero within their environments. A central page for Rapid Response alerts is slated for launch in the upcoming months.
Horizon3.ai's Rapid Response tests enable swift assessment and verification of specific, high-impact vulnerabilities within your environment, ensuring they are effectively mitigated. This curated list focuses on urgent, exploitable vulnerabilities demanding immediate attention and action.
Rapid Response tests will be executed through the “Run a Pentest” screen, concentrating solely on the selected vulnerabilities for the test.
Currently, Rapid Response tests are restricted to internal pentests. The expansion to include public-facing assets in these tests is planned for the near future. For now, to test public-facing assets, select “Run an External Pentest” to run a full External Pentest that includes this content.
New Attack Content
- Fortinet FortiClient EMS Vulnerability (CVE-2023-48788): NodeZero now tests for a recent SQL injection vulnerability leading to remote code execution and full server compromise.
- JetBrains TeamCity Authentication Bypass (CVE-2024-27198): Added to our attack suite.
- FortiClient EMS Application Fingerprinting: Improved detection of the FortiClient EMS application.
Other Updates & Improvements
- New Template Management Page: A fresh user interface for managing templates within your organization, facilitating the creation, editing, or deletion of templates.
- Active Directory Password Audit: Enhanced capability allowing NodeZero to extract NTDS secrets 10 times faster, along with bolstering the stability of the feature.
- AWS Attack Capabilities: NodeZero now enumerates lambda functions for sensitive data, such as AWS keys utilized as environment variables.
- Settings Page Redesign: The settings page has undergone a redesign for a more uniform appearance, aligning with other sub-navigated pages.
- Real-Time View Updates: Now includes minimum and maximum runtime information for ongoing pentests, provided they have been specified in the pentest configuration.
- External Assets: Introduced the functionality to sort by status type.
Fixed Bugs
- Screenshot Functionality: Resolved issues when taking screenshots related to invalid or weak SSL certificates.