Horizon3.ai Report: Over 50,000 Penetration Tests Reveal Persistent Security Gaps
Horizon3.ai has released its 2025 Cybersecurity Insights Report, analyzing over 50,000 NodeZero penetration tests. The findings highlight common security flaws organizations struggle to close.

Cybersecurity firm Horizon3.ai has published its 2025 Cybersecurity Insights Report, detailing findings from over 50,000 autonomous penetration tests conducted using its NodeZero platform throughout 2024. The report identifies persistent security weaknesses that organizations continue to face, despite employing various security tools.
The analysis reveals that vulnerability scanning, used by 98% of organizations, is considered highly effective by only 34% due to false positives. Furthermore, weak credential practices and delayed patch management leave systems exposed. Over half of security practitioners admit to postponing patches due to operational constraints, the report states.
Horizon3.ai emphasizes that current security strategies are insufficient to counter evolving threats. The company's offensive security approach, which simulates real-world attacker techniques, uncovers critical risks that passive defense measures often miss. Security leaders acknowledge that mere compliance or annual testing is inadequate for achieving robust security.
The report urges organizations to adopt an attacker's mindset and continuously validate their defenses. Horizon3.ai offers its cloud-based NodeZero platform for conducting safe, automated penetration tests and providing remediation recommendations. This strategy aims to help businesses meet increasing cybersecurity demands and stay ahead of potential threat actors.