Horizon3.ai Launches NodeZero Kubernetes Pentesting
January 07, 2025

Horizon3.ai announced the release of NodeZero™ Kubernetes Pentesting, a new capability available to all NodeZero users.

Designed to deploy directly within Kubernetes clusters, this solution equips organizations with the ability to identify and exploit vulnerabilities from an attacker’s perspective, uncovering weaknesses that could jeopardize entire infrastructures.

Kubernetes has become foundational to modern environments, offering flexibility to scale containerized applications. However, as adoption of managed Kubernetes distributions like AWS Elastic Kubernetes Service (EKS), Google Kubernetes Engine (GKE), and Azure Kubernetes Service (AKS) grows, the risks from complex and distribution-specific weaknesses increases as well. NodeZero’s offensive approach prioritizes real-time security testing at the runtime level, revealing the “blast radius” attackers could achieve by chaining Kubernetes-specific vulnerabilities with cloud and on-premises infrastructure weaknesses.

"With Kubernetes operating as essential infrastructure, security teams must defend it as rigorously as any core system,” said Snehal Antani, CEO and Co-Founder of Horizon3.ai. “NodeZero Kubernetes Pentesting goes beyond surface checks—showing exactly how attackers can exploit weaknesses in real time. This is about putting organizations in a ‘wartime’ stance, enabling them to see the true paths of attack and proactively harden their defenses against evolving threats."

NodeZero Kubernetes Pentesting differentiates itself through advanced runtime security testing and ease of deployment, allowing organizations to achieve the continuous security assurance demanded by today’s threat landscape. Unlike traditional security tools focused on compliance or control plane analysis, NodeZero tests in real time, uncovering vulnerabilities like container escapes and RBAC misconfigurations that attackers exploit to move laterally, escalate privileges, and compromise underlying infrastructures.

The release underscores a shift in cybersecurity toward offensive-based assessments that employ adversarial techniques. Traditional compliance-driven assessments often miss critical gaps that attackers could exploit, leaving organizations exposed. With NodeZero’s use of real-world tactics, techniques, and procedures (TTPs) that mimic attacker behavior within Kubernetes environments, security teams can prioritize the most pressing threats and address exploitable vulnerabilities before they become gateways for adversaries.

Designed for any Kubernetes distribution, including EKS, GKE, and AKS, NodeZero’s pentesting capabilities provide advanced protection across both cloud and on-premises clusters. This solution underscores Horizon3.ai’s commitment to proactive, high-impact cybersecurity innovation, helping organizations navigate and secure the complexities of Kubernetes at scale.

Share this

Industry News

May 08, 2025

AWS announced the preview of the Amazon Q Developer integration in GitHub.

May 08, 2025

The OpenSearch Software Foundation, the vendor-neutral home for the OpenSearch Project, announced the general availability of OpenSearch 3.0.

May 08, 2025

Jozu raised $4 million in seed funding.

May 07, 2025

Wix.com announced the launch of the Wix Model Context Protocol (MCP) Server.

May 07, 2025

Pulumi announced Pulumi IDP, a new internal developer platform that accelerates cloud infrastructure delivery for organizations at any scale.

May 07, 2025

Qt Group announced plans for significant expansion of the Qt platform and ecosystem.

May 07, 2025

Testsigma introduced autonomous testing capabilities to its automation suite — powered by AI coworkers that collaborate with QA teams to simplify testing, speed up releases, and elevate software quality.

May 06, 2025

Google is rolling out an updated Gemini 2.5 Pro model with significantly enhanced coding capabilities.

May 06, 2025

BrowserStack announced the acquisition of Requestly, the open-source HTTP interception and API mocking tool that eliminates critical bottlenecks in modern web development.

May 06, 2025

Jitterbit announced the evolution of its unified AI-infused low-code Harmony platform to deliver accountable, layered AI technology — including enterprise-ready AI agents — across its entire product portfolio.

May 05, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, and Synadia announced that the NATS project will continue to thrive in the cloud native open source ecosystem of the CNCF with Synadia’s continued support and involvement.

May 05, 2025

RapDev announced the launch of Arlo, an AI Agent for ServiceNow designed to transform how enterprises manage operational workflows, risk, and service delivery.

May 01, 2025

Check Point® Software Technologies Ltd.(link is external) announced that its Quantum Firewall Software R82 — the latest version of Check Point’s core network security software delivering advanced threat prevention and scalable policy management — has received Common Criteria EAL4+ certification, further reinforcing its position as a trusted security foundation for critical infrastructure, government, and defense organizations worldwide.

May 01, 2025

Postman announced full support for the Model Context Protocol (MCP), helping users build better AI Agents, faster.

May 01, 2025

Opsera announced new Advanced Security Dashboard capabilities available as an extension of Opsera's Unified Insights for GitHub Copilot.