Horizon3.ai Achieves FedRAMP High Certification, Fulfilling Promise of Public Sector Security

San Francisco, 20 May 2025 – Today, Horizon3.ai, the global leader in offensive security, announced that it has received Federal Risk and Authorization Management Program (FedRAMP®) High Authorization. This significant achievement allows Horizon3.ai to provide support for highly security-sensitive federal missions. The company is fulfilling its commitment to deliver proof-based security to government agencies operating at the highest levels of compliance and risk exposure.

Horizon3.ai’s newly authorized platform, NodeZero Federal™, is now available to federal agencies under the FedRAMP High baseline. The platform is built on the successful commercial version of the NodeZero® Offensive Security Platform and is specifically designed to meet the rigorous security and compliance demands of government environments. With this authorization, Horizon3.ai becomes the first and only cybersecurity vendor authorized to deliver continuous, autonomous penetration testing within this strict regulatory framework.

Snehal Antani, CEO and Co-founder of Horizon3.ai, stated, “We built NodeZero to help defenders find and fix vulnerabilities and weaknesses before attackers exploit them – and with the FedRAMP High authorization, we’re now able to proactively secure critical federal systems. Our roots are in National Security, and with cyber warfare evolving at an unprecedented pace, we’re committed to improving the cyber resilience of the nation’s digital infrastructure, with support for Secret and Top Secret systems as our next major focus areas.”

This authorization builds upon Horizon3.ai’s success with Federal partners, such as the NSA Cybersecurity Collaboration Center (CCC) program. As part of CCC, Horizon3.ai powers the NSA’s Continuous Autonomous Penetration Testing (CAPT) program, where Defense Industrial Base (DIB) suppliers use NodeZero to act as nation-state-level adversaries, identify and prioritize real attack paths, and continuously validate their defenses.

Keith Poyser, Vice President for EMEA, stated, “Through our FedRAMP High authorization, federal agencies and key suppliers can assess and improve their cybersecurity stance, ensuring that their limited resources are focused on the issues that matter most. This enables agencies to systematically find, fix, and verify the mitigation of CISA Known Exploitable Vulnerabilities (KEVs) across their systems, ensure their security operations centers are effectively stopping attacks, and fine-tune their security tools. In the realm of cybersecurity, a strong offense is essential for building effective defense, a principle that our US Federal clients deeply understand.”

NodeZero Federal helps agencies streamline compliance with key cybersecurity mandates, including NIST SP 800-53 – the foundational control framework behind FedRAMP – as well as evolving OMB policies and Executive Orders that require Zero Trust architecture, Cybersecurity Maturity Model Certification (CMMC) 2.0 for supply chain assurance, and participation in Continuous Diagnostics and Mitigation (CDM) programs.

For more information about Horizon3.ai’s NodeZero Federal™ and its FedRAMP High capabilities, please visit their website. Stay updated on Horizon3.ai’s latest news and updates by following them on LinkedIn and X.

About Horizon3.ai and NodeZero: Horizon3.ai provides a cloud-based platform, NodeZero, that enables organizations and public authorities to simulate self-attacks on their IT infrastructure to assess their cyber resilience through penetration testing. The platform offers affordable, regular pentesting, making it accessible to mid-sized companies. Horizon3.ai continuously monitors the cybercrime landscape to ensure that newly discovered vulnerabilities are swiftly integrated into the cloud system. NodeZero not only identifies security flaws but also offers tailored recommendations for remediation. Through this platform, Horizon3.ai helps organizations meet rising regulatory demands for cyber resilience in Governance, Risk & Compliance (GRC), with guidelines recommending an internal self-attack at least once a week.

Trademark Notice: NodeZero is a trademark of Horizon3.ai.

Further Information: Horizon3.AI Europe GmbH, Prielmayerstrasse 3, 80335 Munich, Web: www.horizon3.ai

PR Agency: euromarcom public relations GmbH, Web: www.euromarcom.de, Email: team@euromarcom.de

This news article was distributed by Pressat, the UK’s leading press release distribution service.