Horizon3.ai Gains FedRAMP High Authorization, Delivering on Its Commitment to Secure the Public Sector

Horizon3.ai, the global leader in offensive security, today announced it has gained Federal Risk and Authorization Management Program (FedRAMP®) High Authorization, unlocking the ability to support even the most security-sensitive federal missions. This milestone fulfills Horizon3.ai’s previously announced commitment to bring proof-based security to government agencies operating at the highest levels of compliance and risk exposure.

Horizon3.ai’s newly authorized platform, NodeZero Federal™, is now available to federal agencies under the FedRAMP High baseline. Built upon the proven commercial version of the NodeZero® Offensive Security Platform, NodeZero Federal™ is designed specifically to meet the heightened security and compliance demands of government environments. With this authorization in place, Horizon3.ai becomes the first and only cybersecurity vendor authorized to deliver continuous, autonomous pentesting within this strict regulatory framework.

“We built NodeZero to help defenders find and fix vulnerabilities before attackers exploit them—and with the FedRAMP High authorization, we’re now able to proactively secure critical federal systems,” said Snehal Antani, CEO and Co-founder of Horizon3.ai. “Our roots are in National Security, and with cyber warfare evolving at an unprecedented pace, we’re committed to improving the cyber resilience of the nation’s digital infrastructure, with support for Secret and Top Secret systems as our next major focus areas.”

This authorization builds on Horizon3.ai’s success with Federal partners, such as the NSA Cybersecurity Collaboration Center (CCC) program. As part of CCC, Horizon3.ai powers the NSA’s Continuous Autonomous Penetration Testing (CAPT) program, where Defense Industrial Base (DIB) suppliers use NodeZero to act as nation-state-level adversaries, identify and prioritize real attack paths, and continuously validate their defenses.

“With our FedRAMP High authorization, critical suppliers and federal agencies can verify and improve their cybersecurity posture, ensuring that limited resources are focused on fixing problems that truly matter," said Matt Hartley, CRO at Horizon3.ai. "These agencies can find, fix, and verify the remediation of CISA Known Exploitable Vulnerabilities (KEV) at scale, ensure their security operations center is effectively detecting and stifling attacks, and that security tools are tuned correctly. Offense drives defense, and no one knows this better than our US Federal customers.”

NodeZero Federal helps agencies streamline compliance with key cybersecurity mandates, including NIST SP 800-53—the foundational control framework behind FedRAMP—as well as evolving OMB policies and Executive Orders that require Zero Trust architecture, Cybersecurity Maturity Model Certification (CMMC) 2.0 for supply chain assurance, and participation in Continuous Diagnostics and Mitigation (CDM) programs.

For more information about Horizon3.ai’s NodeZero Federal™ and its FedRAMP High capabilities, visit their website.

About Horizon3.ai

The NodeZero® Offensive Security Platform by Horizon3.ai drives continuous exposure management across production infrastructure. With NodeZero, customers overcome barriers of limited security talent and infrequent, expensive penetration testing. They stay ahead of a rapidly-evolving threat landscape with autonomous pentesting, emerging threat intelligence, threat detection, and unified data and reporting. Founded in 2019 by former industry leaders and U.S. National Security veterans, Horizon3.ai solves diverse use cases across all industries.

Follow Horizon3.ai on LinkedIn and X.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250515365494/en/