Horizon3.ai

We founded Horizon3.ai in 2019 in San Francisco, CA, to offer the NodeZero® platform. NodeZero continuously assesses, remediates, and verifies security risks. Our platform performs production-safe autonomous pentests across internal, external, cloud, and hybrid cloud environments. It doesn’t require agents, custom code, or external consultants.

NodeZero identifies exploitable vulnerabilities, prioritizes real threats, and speeds up remediation by moving through networks like an adversary. We offer various test types, including internal, external, and cloud pentesting, AD password audits, phishing impact testing, and rapid response to CISA KEVs. The platform integrates threat detection using auto-dropped honeytokens and provides zero- and N-day alerting based on our attack team’s research.

Our work with NodeZero includes autonomous pentesting, Continuous Threat Exposure Management (CTEM), threat detection, zero-day alerting, third-party risk management, and security controls validation. We also collaborate with the NSA to help secure the Defense Industrial Base. Our expertise includes cybersecurity, penetration testing, AI, machine learning, data security, attack surface management, and offensive security.

NodeZero has demonstrated its capabilities in several real-world scenarios, including:

• Compromising bank core systems in under 4 minutes.
• Discovering over 100,000 PII records in under 25 minutes.
• Compromising AWS identities and roles in under 22 minutes.
• Achieving full Domain Admin privileges in under 60 seconds.
• Taking over an Entra user account in under 19 minutes.
• Accessing CAD files of a US aircraft carrier from a third-party in under 5 minutes.

Our mission, since our founding in 2019, is to identify and resolve attack vectors before adversaries can exploit them. We aim to provide an attacker’s perspective, helping organizations prioritize their defensive efforts. We envision a future where algorithms handle most cyber threats at machine speed, with humans stepping in only when needed.

We are dedicated to solving common cybersecurity challenges:

• Ineffective security tools
• False positives and blind spots
• “Checkbox” security cultures
• The cybersecurity skills shortage
• High costs and long lead times for external consultants

Our values include:

• A drive to solve difficult problems
• Thriving in high-performing teams
• Grit and tenacity
• Continuous learning
• A passion for disrupting the cybersecurity industry

We employ between 201-500 individuals. Our team includes former U.S. Special Operations cyber operators, startup engineers, and experienced cybersecurity practitioners, many of whom are veterans from US National Security.

We cultivate a culture of “learn-it-alls” who are driven to build impactful products. We value diversity, drawing on a wide range of experience from technology startups, Fortune 500 companies, and the US Military. Collaboration and an entrepreneurial spirit are key parts of our work environment.

We are a remote-first company with team members worldwide. We have offices in San Francisco, Chicago, and Amsterdam, and we offer hybrid and remote positions.

We offer competitive compensation, health and dental care for our employees and their families, and a vacation package that includes four weeks off plus federal holidays.