Horizon Company Cyber Security Posture
omnissa.comOmnissa Horizon is an industry-leading solution designed to revolutionize virtual desktops and apps delivery โ on-premises, in the cloud, or in hybrid environments.
Horizon Company Details
vmwarehorizon
42 employees
24796.0
511
Software Development
omnissa.com
Scan still pending
HOR_3318590
In-progress
Horizon Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
Horizon Global Score.png)
Horizon Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
Horizon Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Symantec | Breach | 60 | 3 | 02/2019 | SYM1336271222 | Link | |
Rankiteo Explanation : Attack with significant impact with internal employee data leaksDescription: Security firm Symantec was attacked by a hacker back in February 2021 in which the hackers extracted some of the data. This comprises not only passwords but a list of Symantec clients -- including government agencies. The hacker was able to access a list of clients using Symantec's CloudSOC services, account managers and account numbers. | |||||||
| VMware Horizon | Ransomware | 85 | 5 | 01/2022 | VMW1659222 | Link | |
Rankiteo Explanation : Attack threatening the organization's existenceDescription: VMware Horizon servers were targeted by NightSky Ransomware Group through the Apache Log4J Shell vulnerability. Microsoft issued a warning to fix the Log4Shell vulnerability on their VMware Horizon servers as quickly as possible. | |||||||
| Broadcom | Ransomware | 100 | 4 | 5/2025 | BRO325051825 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: A ransomware attack at a Middle Eastern business partner of payroll company ADP has led to customer data theft at Broadcom. The HR department has begun informing affected current and former staff. The attack, claimed by the El Dorado ransomware group, resulted in the compromise of personal data including National ID numbers, financial account numbers, and personal contact information. The data was made available on the internet, affecting 560 users and potentially opening up the attack surface to 35 additional companies. Broadcom urged affected individuals to enable multi-factor authentication and monitor financial records for unauthorized activity. | |||||||
| Symantec | Vulnerability | 60 | 3 | 06/2016 | SYM44121823 | Link | |
Rankiteo Explanation : Attack with significant impact with internal employee data leaksDescription: Tavis Ormandy identified Symantec and Norton flaws that cybercriminals may use to gain access to users' data. There were 17 items on the list of vulnerable Symantec enterprise products. On the Symantec website, these items had been listed as a security advisory. Malware concealed in an executable file had a chance to obtain total access to the computer running the operating system, it was discovered that Symantec decompressed files in the operating system's kernel. | |||||||
| Broadcom | Vulnerability | 25 | 1 | 7/2025 | BRO809071525 | Link | |
Rankiteo Explanation : Attack without any consequencesDescription: A critical security vulnerability has been discovered in Broadcomโs Symantec Endpoint Management Suite that enables unauthenticated remote code execution, posing significant risks to enterprise IT infrastructure. The flaw, designated CVE-2025-5333 with a severe CVSS v4.0 score of 9.5, affects multiple versions of the widely-deployed endpoint management solution and has prompted immediate mitigation recommendations from security experts. The vulnerability resides in the Symantec Altiris Inventory Rule Management (IRM) component, specifically targeting an exposed legacy .NET Remoting endpoint. | |||||||
Horizon Company Subsidiaries
Omnissa Horizon is an industry-leading solution designed to revolutionize virtual desktops and apps delivery โ on-premises, in the cloud, or in hybrid environments.
Access Data Using Our API
Get company history
Rapid.png)
Horizon Cyber Security News
ROUTERS Act on the Horizon: U.S. House Passes New Legislation
In his remarks on the House floor, Representative Bob Latta (R-OH), who co-sponsored the bill alongside Representative Robin Kelly (D-IL),ย ...
Cybersecurity research funding to get โฌ30M boost in 2025
The European Commission wants to significantly increase funding for cybersecurity research in 2025, according to a draft document obtainedย ...
Quantum eMotion's QRNG Chip: A Cybersecurity Revolution on the Horizon
Enter Quantum eMotion Corp., a Canadian innovator racing to commercialize its game-changing Quantum Random Number Generator (QRNG) chip.
183 Million Patient Records Exposed: Fortified Health Security Releases 2025 Healthcare Cybersecurity Report
Free, biannual Horizon Report covers cybersecurity threats, AI in healthcare, legislative developments for healthcare organizations.
What's on the horizon for risk managers and cyber threats in 2025?
From ransomware to phishing, mitigating the most critical threats will require a mix of strategies.
Major Opportunities on the Horizon with CISA FY26 Contract Recompetes
Moving further into 2025, the federal contracting landscape is poised for significant transformation. With a new administration at the helmย ...
AI Dominates Key Technologies and Practices in Cybersecurity and Privacy
AI Dominates Key Technologies and Practices in Cybersecurity and Privacy ยท New AI Tool Generates Video Explanations Based on Course Materials.
What's on the cybersecurity horizon: Kaspersky shares cybersecurity trends for the Middle East, Turkiye and Africa
At its annual Cyber Security Weekend for the Middle East, Turkiye and Africa (META) region, Kaspersky (www.Kaspersky.co.za) Global Researchย ...
Hong Kong: The first critical infrastructure cybersecurity law is on the horizon
The proposed legislation would require CI operators (CIOs) to fulfill certain statutory obligations and take appropriate measures to strengthen the security ofย ...
Horizon Similar Companies
Instacart
Instacart, the leading grocery technology company in North America, works with grocers and retailers to transform how people shop. The company partners with more than 1,500 national, regional, and local retail banners to facilitate online shopping, delivery and pickup services from more than 85,000
GlobalLogic
GlobalLogic, a Hitachi Group Company, is a full-lifecycle product development services leader that combines chip-to-cloud software engineering expertise and vertical industry experience to help our customers design, build, and deliver their next generation products and digital experiences. We expert
DiDi
DiDi Global Inc. is a leading mobility technology platform. It offers a wide range of app-based services across Asia Pacific, Latin America, and other global markets, including ride hailing, taxi hailing, designated driving, hitch and other forms of shared mobility as well as certain energy and vehi
Infor
As a global leader in business cloud software specialized by industry. Infor develops complete solutions for its focus industries, including industrial manufacturing, distribution, healthcare, food & beverage, automotive, aerospace & defense, hospitality, and high tech. Inforโs mission-critical ente
Dassault Systรจmes
Dassault Systรจmes, the 3DEXPERIENCE Company, is a catalyst for human progress. We provide business and people with collaborative virtual environments to imagine sustainable innovations. By creating virtual twin experiences of the real world with our 3DEXPERIENCE platform and applications, our custom
Nielsen
Nielsen shapes the worldโs media and content as a global leader in audience insights, data and analytics. Through our understanding of people and their behaviors across all channels and platforms, we empower our clients with independent and actionable intelligence so they can connect and engage with
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Horizon CyberSecurity History Information
How many cyber incidents has Horizon faced?
Total Incidents: According to Rankiteo, Horizon has faced 5 incidents in the past.
What types of cybersecurity incidents have occurred at Horizon?
Incident Types: The types of cybersecurity incidents that have occurred incidents Breach, Vulnerability and Ransomware.
How does Horizon detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through containment measures with Block port 4011 on firewalls, Configure the IRM_HostedServiceUrl core setting with an empty value and restart the Altiris Inventory Rule Management Service and remediation measures with Limit .NET Remoting access to localhost-only in upcoming releases and communication strategy with Urged affected individuals to enable multi-factor authentication and monitor financial records for unauthorized activity.
Incident Details
Can you provide details on each incident?
Incident : Vulnerability
Title: Critical Security Vulnerability in Broadcomโs Symantec Endpoint Management Suite
Description: A critical security vulnerability (CVE-2025-5333) has been discovered in Broadcomโs Symantec Endpoint Management Suite that enables unauthenticated remote code execution, posing significant risks to enterprise IT infrastructure.
Date Detected: May 2025
Type: Vulnerability
Attack Vector: Unauthenticated Remote Code Execution (RCE)
Vulnerability Exploited: CVE-2025-5333
Incident : Ransomware
Title: Ransomware Attack at Broadcom via Middle Eastern Business Partner
Description: A ransomware attack at a Middle Eastern business partner of payroll company ADP has led to customer data theft at Broadcom. The HR department has begun informing affected current and former staff. The attack, claimed by the El Dorado ransomware group, resulted in the compromise of personal data including National ID numbers, financial account numbers, and personal contact information. The data was made available on the internet, affecting 560 users and potentially opening up the attack surface to 35 additional companies. Broadcom urged affected individuals to enable multi-factor authentication and monitor financial records for unauthorized activity.
Type: Ransomware
Attack Vector: Ransomware
Threat Actor: El Dorado ransomware group
Motivation: Data theft and ransom
Incident : Vulnerability Exploit
Title: Symantec and Norton Vulnerabilities Identified by Tavis Ormandy
Description: Tavis Ormandy identified Symantec and Norton flaws that cybercriminals may use to gain access to users' data. There were 17 items on the list of vulnerable Symantec enterprise products. On the Symantec website, these items had been listed as a security advisory. Malware concealed in an executable file had a chance to obtain total access to the computer running the operating system, it was discovered that Symantec decompressed files in the operating system's kernel.
Type: Vulnerability Exploit
Attack Vector: Executable File
Vulnerability Exploited: File Decompression in Kernel
Motivation: Data Theft
Incident : Data Breach
Title: Symantec Data Breach
Description: Security firm Symantec was attacked by a hacker in February 2021, resulting in the extraction of data including passwords and a list of Symantec clients, including government agencies.
Date Detected: 2021-02-01
Type: Data Breach
Incident : Ransomware
Title: VMware Horizon Servers Targeted by NightSky Ransomware Group
Description: VMware Horizon servers were targeted by NightSky Ransomware Group through the Apache Log4J Shell vulnerability.
Type: Ransomware
Attack Vector: Apache Log4J Shell vulnerability
Vulnerability Exploited: Log4Shell
Threat Actor: NightSky Ransomware Group
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Port 4011 and Executable File.
Impact of the Incidents
What was the impact of each incident?
Incident : Vulnerability BRO809071525
Systems Affected: Symantec Endpoint Management Suite 8.6.x-8.8
Incident : Ransomware BRO325051825
Data Compromised: National ID numbers, financial account numbers, personal contact information
Identity Theft Risk: True
Payment Information Risk: True
Incident : Vulnerability Exploit SYM44121823
Systems Affected: Symantec Enterprise Products
Incident : Data Breach SYM1336271222
Data Compromised: passwords, list of Symantec clients, government agencies, list of clients using Symantec's CloudSOC services, account managers, account numbers
Incident : Ransomware VMW1659222
Systems Affected: VMware Horizon servers
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are National ID numbers, financial account numbers, personal contact information, passwords, list of Symantec clients, government agencies, list of clients using Symantec's CloudSOC services, account managers and account numbers.
Which entities were affected by each incident?
Response to the Incidents
What measures were taken in response to each incident?
Incident : Vulnerability BRO809071525
Containment Measures: Block port 4011 on firewalls, Configure the IRM_HostedServiceUrl core setting with an empty value and restart the Altiris Inventory Rule Management Service
Remediation Measures: Limit .NET Remoting access to localhost-only in upcoming releases
Incident : Ransomware BRO325051825
Communication Strategy: Urged affected individuals to enable multi-factor authentication and monitor financial records for unauthorized activity
Data Breach Information
What type of data was compromised in each breach?
Incident : Ransomware BRO325051825
Type of Data Compromised: National ID numbers, financial account numbers, personal contact information
Number of Records Exposed: 560
Sensitivity of Data: High
Data Exfiltration: True
Personally Identifiable Information: True
Incident : Data Breach SYM1336271222
Type of Data Compromised: passwords, list of Symantec clients, government agencies, list of clients using Symantec's CloudSOC services, account managers, account numbers
Data Exfiltration: True
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Limit .NET Remoting access to localhost-only in upcoming releases.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through were Block port 4011 on firewalls and Configure the IRM_HostedServiceUrl core setting with an empty value and restart the Altiris Inventory Rule Management Service.
Ransomware Information
Was ransomware involved in any of the incidents?
Incident : Ransomware VMW1659222
Ransomware Strain: NightSky
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents?
Incident : Vulnerability BRO809071525
Recommendations: Block port 4011 on firewalls, Configure the IRM_HostedServiceUrl core setting with an empty value and restart the Altiris Inventory Rule Management Service, Limit .NET Remoting access to localhost-only in upcoming releases
What recommendations has the company implemented to improve cybersecurity?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Block port 4011 on firewalls, Configure the IRM_HostedServiceUrl core setting with an empty value and restart the Altiris Inventory Rule Management Service, Limit .NET Remoting access to localhost-only in upcoming releases.
References
Where can I find more information about each incident?
Incident : Vulnerability BRO809071525
Source: Broadcom PSIRT
Incident : Vulnerability BRO809071525
Source: LRQA security researchers
Incident : Ransomware VMW1659222
Source: Microsoft
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Broadcom PSIRT, and Source: LRQA security researchers, and Source: Microsoft.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through was Urged affected individuals to enable multi-factor authentication and monitor financial records for unauthorized activity.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Vulnerability BRO809071525
Entry Point: Port 4011
Incident : Vulnerability Exploit SYM44121823
Entry Point: Executable File
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Vulnerability BRO809071525
Root Causes: Insecure deserialization of .NET objects through the BinaryServerFormatterSinkProvider with TypeFilterLevel set to Full
Corrective Actions: Block port 4011 on firewalls, Configure the IRM_HostedServiceUrl core setting with an empty value and restart the Altiris Inventory Rule Management Service, Limit .NET Remoting access to localhost-only in upcoming releases
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Block port 4011 on firewalls, Configure the IRM_HostedServiceUrl core setting with an empty value and restart the Altiris Inventory Rule Management Service, Limit .NET Remoting access to localhost-only in upcoming releases.
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident were an El Dorado ransomware group and NightSky Ransomware Group.
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on May 2025.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were National ID numbers, financial account numbers, personal contact information, passwords, list of Symantec clients, government agencies, list of clients using Symantec's CloudSOC services, account managers and account numbers.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was Symantec Endpoint Management Suite 8.6.x-8.8 and Symantec Enterprise Products and VMware Horizon servers.
Response to the Incidents
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Block port 4011 on firewalls and Configure the IRM_HostedServiceUrl core setting with an empty value and restart the Altiris Inventory Rule Management Service.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were National ID numbers, financial account numbers, personal contact information, passwords, list of Symantec clients, government agencies, list of clients using Symantec's CloudSOC services, account managers and account numbers.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 560.0.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Block port 4011 on firewalls, Configure the IRM_HostedServiceUrl core setting with an empty value and restart the Altiris Inventory Rule Management Service, Limit .NET Remoting access to localhost-only in upcoming releases.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident are Broadcom PSIRT, LRQA security researchers and Microsoft.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Executable File and Port 4011.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
