Olivia
Online
Hailey Horton
@_haiho
Joined May 2009
384 Following
487 Followers
12.1K Posts
This attack path led to:
• Full Active Directory Domain compromise
• Full Entra tenant compromise
But the interesting part isn’t just the outcome.
It’s how we got there. 🧵
Over 100 partners are joining us today at our Global Partner Conference as we doubled down on a simple belief: the channel is how you scale offensive security outcomes. 🤝
With 32% of Q4 bookings sourced through the channel and ~70% of customers supported by MSSPs, we’re investing in a Partner First model built for execution. 💪
Learn how we’re doing it at https://t.co/tzthETqwRJ
#ProactiveSecurity #AISecurity #PartnerFirst
Given recent geopolitical developments and increased nation-state cyber activity, #NodeZero now highlights when weaknesses discovered during pentests correspond to vulnerabilities previously exploited by Iranian-backed threat actors.
For a limited time, this Threat Actor Intelligence is visible to all NodeZero customers, helping security teams quickly prioritize exposures that align with real-world adversary behavior.
Learn more about NodeZero Threat Actor Intelligence at https://t.co/lcSraC7D4J.
#OffensiveSecurity #AutonomousSecurity #pentesting #infosec
From San Francisco… to Times Square. 🗽
@Nasdaq just celebrated https://t.co/BzPBsP6eJN as one of the 2025 @Deloitte Technology Fast 500™ Bay Area winners, and the numbers that got us here are hard to ignore:
🥇 No. 1 fastest-growing company in the Bay Area
🥉 No. 3 fastest-growing company in North America
🚀 19,939% growth in just 3 years
Appearing on this list is a reflection of a massive shift in cybersecurity, where organizations are done guessing their business risk. Instead, they’re using https://t.co/BzPBsP6eJN's Proactive Security Platform to continuously prove what’s exploitable, fix what matters, and stay ahead of attackers at machine speed.
This is what the Fast 500 is all about: real momentum, real impact, and companies redefining their industries. 💪
#DeloitteFast500 #Cybersecurity #AI #ProactiveSecurity #NodeZero
Big news today: https://t.co/BzPBsP6eJN is recognized by Fast Company as one of the most innovative companies in 2026, joining the ranks of @Google, @nvidia, and more. 🎉
After building #NodeZero, the world’s best #AI hacker, innovation comes naturally.
https://t.co/BzPBsP6eJN’s AI-native Proactive Security Platform is changing the game, giving organizations security they can prove. They can safely execute real attacks at machine speed, uncover what’s actually exploitable, and prove their defenses hold up in the real world — against attackers who are already leveraging AI to wreak havoc.
🔗 Visit https://t.co/W0ivfYa7uI learn more about this honor and see the full list of winners.
#ProactiveSecurity #AISecurity #cybersecurity #infosec
🚨 LiteLLM supply chain attack: versions 1.82.7 & 1.82.8 contained a credential stealer.
If you installed them → assume compromise.
#RSAC2026 is almost here, and we’ll be at Booth N-4201 with industry experts ready to connect. Stop by to see how teams are using AI-driven offensive security to:
✔️ Expose real attack paths — and the business impact behind them
✔️ Prioritize what’s truly exploitable
✔️ Prove fixes actually change attacker outcomes
✔️ Operationalize pentesting into a continuous Hack-Fix-Verify-Repeat cycle
We’re also participating in multiple events throughout the week — including the @nightdragon Innovation Summit, RSAC Public Sector Day, and more.
📆 Book your #NodeZero demo and see our full event lineup at https://t.co/haTMA4smoN.
#RSA26 #RSAC26 #OffensiveSecurity #AutonomousPentesting
Cyber resilience isn’t just a technology problem — it’s a leadership one.
Setting the cadence is the CXO’s job.
Regular testing.
Regular reviews.
Clear accountability for what was missed and what gets fixed next.
Tools don’t create resilience. Operating rhythm does.
#CXO #SecurityLeadership #pentesting #infosec
Phishing metrics can be misleading.
Low click rates look good on a dashboard, but they don’t tell you what happens after credentials are stolen. 🧵
Security leaders are watching geopolitical tensions closely right now.
Periods like this often correlate with increased cyber activity from state-aligned operators. Recent patterns suggest Iranian cyber operations may be shifting toward a more decentralized model. 🧵
All gas. No drag. 🏎️ 🏁
That's the mindset at CKO and SKO this week, where we're doubling down on what matters most for our customers: security they can prove.
Special thanks to @NewAmericanTeam Attack Surface & Vulnerability Management Director Jodie Head and @nightdragon Managing Director Morgan Kyauk for joining us and sharing such valuable insights!
#NodeZero #ProactiveSecurity #pentesting #infosec
https://t.co/8NJb3movIh is coming off a breakout year, delivering incredible results powered by #NodeZero, the world’s best AI hacker. 🔥
More on our FY2026 growth at https://t.co/aKX28tkE9l.
#ProactiveSecurity #AIHacker #pentesting #infosec
Just like #NodeZero, our growth isn’t theoretical — it’s proven in production. Coming off a breakout year, we delivered:
📈 102% YoY ARR growth
🌎 5,200+ organizations worldwide running NodeZero
🔁 125% Net Dollar Retention
📊 94% Gross Dollar Retention
🤝 32% of Q4 bookings via channel partners
All powered by the world’s most experienced AI hacker, with 225,000+ production-safe pentests executed across real enterprise environments. 💪
More in our latest press release: https://t.co/c2oAuSVhY8
#ProactiveSecurity #AutonomousSecurity #pentesting #infosec
ICYMI: We’ve published new analysis on how Iranian cyber operations may evolve as geopolitical tensions escalate.
Common patterns across campaigns include rapid exploitation of internet-facing vulnerabilities, quick pivots to identity systems, interest in OT/critical infrastructure, and supply chain access.
Breakdown + defensive priorities on the blog: https://t.co/Gcxt3WKGaC
#OffensiveSecurity #pentesting #infosec
https://t.co/BzPBsP6eJN has been named to @stiennon's Cyber 150 for the third year in a row! 💪
It’s another milestone in a year of strong momentum:
🏆 No. 3 overall on the @Deloitte Technology Fast 500
🏆 No. 1 in cybersecurity on the @Inc 5000 — and no. 121 overall
🏆 Over 4,500 organizations using #NodeZero® globally, with over 180,000 autonomous pentests executed
This growth reflects a broader shift in cybersecurity: defenders are adopting an attacker’s mindset and using AI-powered offensive security to continuously prove defenses actually work.
Check out the full Cyber 150 at https://t.co/VEXF4quwzQ.
#Cyber150 #ProactiveSecurity #OffensiveSecurity #pentesting
Thank you to Nasdaq for celebrating Holly Grey's appointment as CFO at https://t.co/BzPBsP6eJN. Holly joined us last summer, and in a short time has already made a huge impact — bringing deep operating experience as we continue to scale.
We’re lucky to have her leadership as we enter our next phase of growth. Grateful for the recognition, and even more grateful to have Holly on the team. 🙌
Why do so many Active Directory breaches go undetected early?
Because the first attacker actions use native Kerberos and LDAP traffic that looks completely legitimate.
In our latest research, we show how to flip that dynamic using a simple idea: tripwire identities in Active Directory.
These are purpose-built accounts that are never used by people or applications. Any interaction with them provides a clear signal that cuts through the noise, detected immediately through native Domain Controller logs.
The result is early warning during reconnaissance and credential access, not after escalation.
If AD is mission-critical in your environment, this walkthrough shows a low-friction way to reduce attacker dwell time: https://t.co/gF0lTfXfwU.
#ActiveDirectory #DeceptionTech #pentesting
Across the federal government, #ZeroTrust progress is often measured in spreadsheets, frameworks, and documentation, not operational effectiveness.
That’s where NodeZero Federal comes in. It helps agencies move from paper compliance to real-world validation by:
• Emulating real attacker behavior across identity, device, network, application, and data
• Producing audit-ready evidence mapped to FedRAMP, NIST, CMMC, CDM, and OMB M-22-09
• Enabling a continuous Find–Fix–Verify cadence instead of annual point-in-time tests
Bottom line: Zero Trust can’t just be claimed. It has to be proven, continuously, against real attack paths.
Read the full blog from https://t.co/BzPBsP6eJN Federal Technical Director Tim Jones: https://t.co/aQ9aBcXuUE
#FederalSecurity #ZeroTrustSecurity #OffensiveSecurity
🧵 If you don’t test #ZeroTrust controls against real attack paths, you don’t know if they work.
Here’s how #NodeZero Federal approaches it 👇
Security programs don’t fail because teams ignore risk.
They fail because risk is measured once a year, while environments change every week.
For one organization operating in the financial and insurance industry, annual, compliance-mandated pentests created a false sense of control. 🧵
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers