Horizon3.ai Raises $40M Series C to Confront Attackers with Proactive, Continuous Security Testing

The company behind pentesting solution NodeZero, Horizon3.ai now scaling R&D to deliver unmatched, enterprise-wide security platform

Horizon3.ai, a leading provider of autonomous security solutions, today announced $40M in Series C funding led by Craft Ventures with participation from Signal Fire. With 3x customer growth year-over-year, Horizon3.ai’s NodeZero™ platform has quickly become a leading industry tool for autonomous pentesting, helping customers quickly verify their security posture and reduce their exploitable attack surface. This funding will be used to build out Horizon3.ai’s enterprise-wide, proactive security platform, expand channel and partner presence and meet the growing demand of customers worldwide. Founded in late 2019, Horizon3.ai has raised a total of $78.5M to date.

The demand for NodeZero continues to skyrocket: Autonomous penetration testing was recently added as a new category in the U.S. Department of Defense Tech Watchlist. Customers using NodeZero today span 50 industries and 25 countries, including manufacturing, healthcare, financial services, education, and local government. With this new funding, Horizon3.ai will integrate pentesting, SOAR, and detection engineering into a security platform that enables customers to proactively secure their enterprise.

“Being a CISO has never been tougher. Enterprises must now deal with securing their on-prem infrastructure, multiple clouds, hundreds of SaaS services, and IoT assets. Attackers have their eyes on increasingly critical infrastructure like satellites, connected vehicles, fighter jets, and industrial control systems. What’s more, attackers don’t have to ’hack in’ using Zero Days like you see in the movies. Often, they are able to log in using easily guessable or breached employee passwords,” said Snehal Antani, founder and CEO of Horizon3.ai. “Customers turn to us to discover their exploitable attack paths, help fix their riskiest issues, and verify that their fixes worked before they fall into the crosshairs of attackers.”

“My former Commanding General often said, ‘Don’t tell me we’re secure, show me, then show me again tomorrow, and then again next week because our environment is constantly changing and our enemy is always evolving’," said Antani. “Looking at your enterprise through the eyes of the attacker, assuming breaches will happen, and continuously verifying your security posture are critical pillars for building secure organizations, and Horizon3.ai is leading the way.”

“We were super impressed by Horizon3.ai's fully automated approach to continuous penetration testing and security validation,” said Michael Robinson, Partner at Craft Ventures. “With every pentest executed, Horizon3.ai’s knowledge graphs get smarter, increasing its understanding of how an attacker can compromise a system. We are thrilled to be supporting Horizon3.ai on their next phase of growth.”

Bob Cariddi, CRO at Horizon3.ai, commented, “Driven by new and coming regulations including CMMC, DORA, and the recently announced breach reporting guidelines from the SEC, organizations want continuous risk assessment that proves their security effectiveness. Every major change to a company’s environment - applying a patch, deploying new applications, or onboarding new employees - means their attack surface has changed. The pentesting frequency should match this change frequency so that for every ‘Patch Tuesday,’ there’s a ‘Pentest Wednesday’. This continuous assessment approach needs to become second nature – automated in the same fashion as other business processes. This is where NodeZero delivers, and why our customers love it.”

“The move from point-in-time to continuous pentesting has been occurring over the last several years. Horizon3.ai’s knowledge graph approach is the most scalable and effective method I’ve witnessed to automate these processes in a way that truly mimics the behaviors of a certified pentester,” said Bil Harmer, 5-time CISO and Operating Partner at Craft Ventures. “We’re excited about the value Horizon3.ai will bring to customers as they add more capabilities on top of their unique data set that doesn’t exist commercially today.”

About NodeZero

NodeZero™ provides autonomous penetration testing delivered as a self-service SaaS offering. Red Teams use NodeZero as a force multiplier that can conduct infrastructure pentesting at-scale so humans can be a scalpel. Blue Teams rely on NodeZero to proactively harden their infrastructure. SOCs use NodeZero as a sparring partner to tune their security tools. CISOs use NodeZero’s results to prove their security posture to their boards, auditors, and regulators. NodeZero is safe to execute against production systems and is designed to enable a Purple Team culture by helping Red and Blue Teams work together to fix problems that truly matter.

About Horizon3.ai

Horizon3.ai was founded in 2019 by former industry and U.S. National Security veterans with the mission to help organizations see their networks through the eyes of the attacker and proactively fix problems that truly matter, improve the effectiveness of their security initiatives, and ensure that they are prepared to respond to real cyberattacks. Visit https://www.horizon3.ai/ for a free trial and let our results do the talking.

Follow Horizon3.ai on LinkedIn, YouTube, and Twitter.

View source version on businesswire.com: https://www.businesswire.com/news/home/20230808659099/en/

My former Commanding General often said, ‘Don’t tell me we’re secure, show me, then show me again tomorrow, and then again next week because our environment is constantly changing and our enemy is always evolving'