UPDATED 12:15 EST / AUGUST 30 2022

SECURITY

Former JSOC CTO takes aims at stopping cyberattacks before they happen with Horizon3 AI

Organizations aren’t always sure if their defense frameworks and cybersecurity posture are up to the challenge … until an actual attack or breach happens.

This raises the question: Can organizations efficiently create and maintain an upright security posture without having to test-drive it via debilitating attacks? Horizon3 AI Inc. might have an answer.

“What I wanted to do was proactively verify my security posture, make sure that my security tools were actually effective, that my people knew how to respond to a breach before the bad guys were there,” said Snehal Antani (pictured), co-founder and chief executive officer of Horizon3 AI. “And so this whole idea of continuously verifying my security posture through security testing became a passion project of mine for over a decade. And through my time in the DoD, I found the right group of people that had offensive and defensive cyber experience. And we came together at the end of 2019 to start Horizon3.”

Antani, format chief technology officer of the Joint Special Operations Command, a department of the U.S. Department of Defense, spoke with theCUBE industry analyst Lisa Martin in advance of the “Cybersecurity — Detect and Protect Against Threats” event, an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio, airing on Sept. 7. They discussed the importance of proactive cybersecurity given today’s unprecedented threat surface. (* Disclosure below.)

Threat actors run amok

Hacks, vulnerabilities and expensive ransomware incidents are as old as the first computer virus. However, the scale and pervasiveness with which the industry is witnessing them today is nothing short of unprecedented.

The main reason why security tools are falling short of detecting many malicious activities today is that the actors orchestrate their hacks to resemble valid behavior from the target organization, according to Antani. These would include things like social engineering to obtain valid login credentials and then waiting for one of the owners to reuse a compromised password.

“So really, the threat landscape is that attackers don’t hack in, they log in,” he said. “Organizations have to focus on getting the basics and fundamentals right first before they layer on some magic button that is some security AI tools hoping that it’s going to save their day. And that’s what we found systemically across the board.”

Ironically, the shape and manner of approach of today’s threat actors mean organizations need to return to and focus on the basics, Antani added.

“Fiercely prioritizing issues becomes really important, but the tools and the processes available don’t focus on prioritizing what’s exploitable; they prioritize by some arbitrary score from some arbitrary vulnerability scanner,” he explained. “And so what we have, as a fundamental breakdown, is that the small group of folks with the expertise to fix problems tend to be the most overworked and tend to have the most noise to sift through — so they don’t even have time to get to the basics.”

In addition to the solution, the security problems also present themselves as basic, according to Antani.

“Systemically, what we see are bad password or credential policies, least access and privileged management-type processes not being well implemented,” he said. “The domain user tends to be the local admin on the box with no ability to understand what is a valid login versus a malicious login. Those are some of the basics that we see systemically.”

Attackers only have to succeed once

The often-frustrating part about cybersecurity is that defenders have to be right every time, and attackers have to be right only once. No company wants to be the next big ransomware news headline, so security teams have a vastly more difficult task than the malicious actors themselves, according to Antani.

Horizon3 AI provides penetration testing (pentesting) as a service, and the company has built the tool to be immensely powerful and effortlessly simplistic.

“What we said up front was our primary users should be IT administrators, network engineers, and that IT intern who in three clicks should have the power of a 20-year pentesting expert,” Antani stated. “So the whole idea was empower and enable all of the fixers to find, fix and verify their security weaknesses continuously. That was the design goal.”

The primary difference between Horizon3’s offering and other equally-capable tools out there is that the former isn’t primarily designed to be used by security people, since they’re often task saturated, according to Antani.

“We wanted to do that without having to install credentialed agents all over the place, writing your own custom attack scripts, or having to do a bunch of configurations,” he concluded.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the “Cybersecurity — Detect and Protect Against Threats” event:

(* Disclosure: Horizon3 AI Inc. sponsored this segment of theCUBE. Neither Horizon3 nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU