In this demo, Knox from Horizon3.ai showcases Endpoint Security Effectiveness, a new NodeZero feature that puts your endpoint defenses to the test. Acting as a real-world threat actor, NodeZero safely executes attack techniques to reveal whether your EDR detects, blocks, or misses critical actions.
👉 Highlights from this walkthrough:
- Mimicking Black Basta and Conti TTPs, including PrintNightmare (CVE-2021-34527)
- Watching NodeZero land a RAT on a domain controller and track what it could achieve
- Seeing how misconfigurations in Microsoft Defender left 26 malicious actions permitted
- Demonstrating credential theft, file pilfering (including AWS keys), and cloud pivoting
- Mapping results to MITRE ATT&CK for clear visibility into coverage gaps
EDRs are essential — but out-of-the-box settings and untuned policies often leave dangerous blind spots. Endpoint Security Effectiveness shows you where defenses fail, so you can tune, validate, and harden your EDR with evidence — not assumptions.
Learn more about NodeZero: https://horizon3.ai/endpoint-security-effectiveness/?utm_source=youtube&utm_medium=social&utm_campaign=ese