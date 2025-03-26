    StartseiteNachrichtenPressemitteilungenNachricht

    Horizon3.ai Releases 2025 Cybersecurity Insights Report

    Key Findings from Over 50,000 NodeZero® Pentests

    London (ots) - Keith Poyser, Vice President for EMEA: "This report offers a
    groundbreaking analysis based on real-world cyberattack techniques conducted at
    organisations across the globe, delivering invaluable insights."

    Horizon3.ai (https://www.horizon3.ai/) , a global leader in offensive security,
    today released its 2025 Cybersecurity Insights Report, revealing the common
    security gaps organisations struggle to close. By analysing exploit trends from
    50,000 NodeZero® autonomous security tests run in 2024, along with insights from
    a survey sample of nearly 800 security leaders and practitioners, the report
    presents clear evidence of how current security strategies are failing, and what
    organisations must change to stay ahead of evolving threats.

    Horizon3.ai defines offensive security as using real-world attacker techniques
    to identify and exploit weaknesses across IT environments-proving what's truly
    at risk. Unlike passive security, which relies on layered defences with
    unverified effectiveness, NodeZero autonomously conducts safe, full-scale tests
    that demonstrate exactly how attackers could compromise critical systems. The
    result: clear, actionable proof that enables teams to find, fix, and verify
    vulnerabilities-before adversaries strike.

    Horizon3.ai highlights key findings from the report:

    - Vulnerability Scanning Falls Short - Despite 98% of organisations using
    vulnerability scanning, only 34% find it highly effective due to false
    positives that hinder teams from focusing on real risks.
    - Credential-Based Attacks Remain a Major Risk - NodeZero successfully performed
    credential dumping in over 28,000 cases, demonstrating the widespread risk of
    weak credential practices and policies.
    - Patch Management Delays Leave Systems Exposed - Over half of practitioners
    (53%) and more than a third of security leaders (36%) admit to delaying
    patches due to operational constraints, leaving critical vulnerabilities open.
    - Known Vulnerabilities Remain Unpatched - NodeZero exploited 229 known
    vulnerabilities nearly 100,000 times in customer environments, demonstrating
    that many organisations struggle to remediate even widely recognized threats.

    "Security isn't about reacting-it's about outpacing your adversary," said Snehal
    Antani, CEO & Co-Founder of Horizon3.ai. "Too many organisations still confuse
    compliance for security, falling back on outdated assumptions and annual testing
    cycles. This report shows what modern defenders already know: you have to think
    like an attacker, validate like an operator, and build a security program that
    stands up to real-world pressure."
