Sold by: Horizon3.ai
Deployed on AWS
The NodeZero Platform by Horizon3.ai is an offensive security platform for continuous, production risk management for organizations worldwide. Customers use autonomous pentesting, emerging threat intelligence, threat detection, and unified risk reporting to stay ahead of bad actors.
4.6
Overview
The NodeZero Platform by Horizon3.ai is an offensive security platform for continuous, production risk management for organizations worldwide. Customers use autonomous pentesting, emerging threat intelligence, threat detection, and unified risk reporting to stay ahead of bad actors.
Highlights
- Suite of autonomous penetration and operational tests: assess risk across on-prem, cloud, and hybrid networks with unlimited scope and frequency.
- NodeZero Tripwires(TM): Use integrated threat deception and detection to auto-drop and alert on decoys against your most critical exposures discovered during tests. NodeZero Rapid Response(TM): Get ahead of emerging threats with proactive alerting on zero- and N-day threats that impact your networks.
- NodeZero Insights(TM): Continuously manage your threat exposure with unified trend data about your security posture, operational KPIs, and security controls efficacy.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
NodeZero Elite Package (500 Assets) - SKU: Pack-ST-Elite | Autonomous Pentesting Platform + Insights + Tripwires + Rapid Response | $42,500.00 |
NodeZero Pro Package (500 Assets) - SKU: Pack-ST-Pro | Autonomous Pentesting Platform + Tripwires + Rapid Response | $32,500.00 |
NodeZero Core Package (500 Assets) - SKU: Pack-ST-Core | Autonomous Pentesting Platform | $25,000.00 |
NodeZero Core to Pro Upgrade (500 Assets) - SKU: Upg-Core-Pro | Upgrade Core Package to Pro adding Tripwires + Rapid Response | $7,500.00 |
NodeZero Core to Elite Upgrade (500 Assets) - SKU: Upg-Core-Elite | Core to Elite Upgrade adding Tripwires + Rapid Response + Insights | $17,500.00 |
NodeZero Pro to Elite Upgrade (500 Assets) - SKU: Upg-Pro-Elite | Pro package upgrade adding Insights | $10,000.00 |
NodeZero Flex (1000 Assets) - SKU: N0-ST-Flex | Autonomous pentest for one-time test of an asset | $15,000.00 |
NodeZero Premium Support Gold (Up to 25K Assets) - SKU: N0-PS-GOLD | 24x7 support, Implementation up to 90 days, Customer Success Monthly | $100,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Purchases through AWS Marketplace utilize a self-service onboarding model - you deploy the solution in your AWS account using standard AWS Marketplace workflows and billing. After purchasing via Marketplace, a member of our team will contact you within 2 business days to provide access to your account.
Please reference our quick start guide at Docs.Horizon3.ai for guidance on setting up NodeZero. We offer 24/7 break fix support (https://horizon3.ai/support-policy/ ) for all technical and operational issues with the deployed product.
Should you require professional services - such as implementation guidance, architecture consulting, or custom integrations - please contact us directly at support@horizon3.ai
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
NCC Group’s network penetration tests help you identify external or internal vulnerabilities before threat actors exploit them. As the security landscape evolves, so must our testing approach to simulate and evaluate these evolutions.
We combine the best parts of AI and automation with the expertise of our penetration testing consultants. We offer manual, autonomous, and hybrid testing approaches to adapt to your unique environment, ensuring the most efficient and effective testing for your needs.
Smarter automation starts with better data. NodeZero MCP Server plugs exploitability intelligence into your existing AI ecosystem. Now your tools can prioritize, orchestrate, and validate based on attack paths proven to be exploitable, not guesswork.
Customer reviews
reviewer2805510
Automated pentesting has transformed our demos and now delivers rapid, actionable remediation
Reviewed on Feb 27, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for The NodeZero Platform by Horizon3.ai is to demo the platform to our channel partners and any end-user customers that they bring us, and also for my own benefit, as we look at our own pentests that we do on the business, both weekly and monthly, and speak to our technical SE Manager to discuss the weaknesses, vulnerabilities, and remediations that Horizon provides with the tasks.
When we conducted this for a customer within a POV, a proof of value, The NodeZero Platform by Horizon3.ai managed to run a pentest very quickly, rather than them doing a manual test that takes weeks to get the reports which are at a point in time. What we found was a weakness within the infrastructure, but it also provided step-by-step remediation instructions and showed how to address the issues, verifying remediation with one-click verification.
One thing I would add about The NodeZero Platform by Horizon3.ai features is how easy it is to follow on the platform at your fingertips, making it accessible and uncomplicated, even for non-technical users such as myself who can run a pentest on the infrastructure.
How has it helped my organization?
The NodeZero Platform by Horizon3.ai's impact on our organization's remediation time is impressive because it allows for swift identification and verification of fixes while prioritizing exploitables that provide business impact rather than getting lost in long lists of vulnerabilities.
What is most valuable?
The best features The NodeZero Platform by Horizon3.ai offers include ease of use and running a pentest, which can be done within four to six clicks of your mouse, and not only finding exploitables within your infrastructure but also the ease of remediation and the fix actions that are provided.
The main thing that I have always spoken about with customers, when our partners have brought the opportunity, is how long and drawn-out the process is with a manual pentester, as after days of work and high consultative fees, they have to wait weeks for a massive report. The NodeZero Platform by Horizon3.ai finds issues on the day, providing step-by-step remediation fix actions that are really easy to follow with various options for addressing the issues.
The NodeZero Platform by Horizon3.ai impacts our organization positively as we are a cybersecurity distributor that presents solutions to our partners, and I would have to say it is hands down one of the best solutions we sell to help address customer pain points related to manual testing, generating excitement in the channel, closing deals, and fostering discussions around pentesting.
Showing the attack paths with The NodeZero Platform by Horizon3.ai is crucial, as every exploitable that arises has a defined path leading to a business impact; this emphasizes the importance of tracking vulnerabilities due to their implications.
What needs improvement?
Improvements with The NodeZero Platform by Horizon3.ai are already underway; many people mention infrastructure testing is well-handled, but they seek better web application testing, which is currently in beta, as noted by their CEO, Snehal, and once it comes to market, we will demo it for our partners.
Regarding the needed improvements, I think their Tripwire, Insights, and Rapid Response add-ons are good, but web application testing is what is predominantly requested, which we know is coming soon.
For how long have I used the solution?
I have been working with The NodeZero Platform by Horizon3.ai since approximately May of last year, which represents just under a year from a full sales, technical point of view, end-user, and partners within our channel community.
What do I think about the stability of the solution?
The stability of The NodeZero Platform by Horizon3.ai is complete, with consistent performance noted.
What do I think about the scalability of the solution?
The scalability of The NodeZero Platform by Horizon3.ai is another massive positive; unlike competitors such as PenTera, which are on-premise and limit to 6,000 assets, The NodeZero Platform by Horizon3.ai demonstrates remarkable scalability and efficiency in running pentests across numerous assets.
How are customer service and support?
The customer support from the customer success team, channel team, and SE team has been notably good, assisting our partners and customers with POVs, enablements, and setting up the POV or tenant when interested in purchasing The NodeZero Platform by Horizon3.ai.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
What was our ROI?
A very measurable statistic regarding The NodeZero Platform by Horizon3.ai would be with one of our partners, who we met with at InfoSec in London; we booked a session with over 100 account managers, and after a sales enablement session with the Horizon team, they went out and secured 25 to 30 deal registrations that month, leading to potential revenue opportunities.
What's my experience with pricing, setup cost, and licensing?
Since we are a distributor setting pricing with Horizon for our partners, we know that customers find the pricing favorable, as it is cheaper than conducting a single manual pentest a year while allowing for multiple tests.
Which other solutions did I evaluate?
I did not evaluate other options before choosing The NodeZero Platform by Horizon3.ai.
What other advice do I have?
The way you find a vulnerability with The NodeZero Platform by Horizon3.ai, you can also fix and then verify if that vulnerability has been solved, which is the selling point itself, emphasizing exploitability as a massive factor since only 2% of vulnerabilities are actually exploitable.
My impression of The NodeZero Platform by Horizon3.ai's feature that allows security teams to fix and retest vulnerabilities instantly is that it alleviates concerns of lengthy lists of vulnerability scanners by focusing on exploitables, allowing teams to manage their time efficiently by addressing the most impactful issues.
More and more we are recognizing that all endpoint detection and response tools, such as Defender for Endpoint, CrowdStrike, and SentinelOne, have their weaknesses, and The NodeZero Platform by Horizon3.ai's EDR effectiveness demonstration highlights how we combat attackers, enhancing overall security.
I would advise others considering using The NodeZero Platform by Horizon3.ai to buy the product and utilize it as much as possible, as it is an excellent solution for reducing time, staff, costs, and identifying impactful vulnerabilities.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Dr. Michael N.
Intuitive Yet Powerful—A Critical Part of Our Cybersecurity Toolbox
Reviewed on Jan 16, 2026
Review provided by G2
What do you like best about the product?
It is both intuitive and thorough with easy integration and implementation. During product review, NodeZero became an obvious choice because interaction was simple enough for our nontechnical personnel to follow yet the platform capabilities matched those of skilled professionals. The company has VERY responsive customer service and keeps up with the most recently discovered vulnerabilities and offers rapid release of testing against them. This has become a highly used and critical part of our cybersecurity toolbox.
What do you dislike about the product?
The only issue is something I just discovered and have not brought to their product team yet. Tripwires doesn't report the specific machines it failed on and succeeded on in an obvious manner.
What problems is the product solving and how is that benefiting you?
The NodeZero platform continuously uncovers our unknown unknowns. If an organization does not know they have a vulnerability, they cannot patch it. NodeZero solves this problem of the unknown unknowns.
Mariya O.
Essential for Compliance and Flexibility
Reviewed on Jan 14, 2026
Review provided by G2
What do you like best about the product?
I really like the service and attention that NodeZero from Horizon3.ai offers. The platform's CMMC aligned guidance is great, providing us with the necessary support to comply under CMMC and covering those pentest controls. I appreciate the flexibility to run focused or ad hoc tests, which is invaluable for us. The expertise of the team is unmatched, and I couldn't have chosen a better company. You all are great, and Will is particularly excellent. The initial setup was very easy too.
What do you dislike about the product?
N/A
What problems is the product solving and how is that benefiting you?
NodeZero from Horizon3.ai identifies vulnerabilities, provides solutions, and ensures compliance. It aligns with CMMC, covering pentest controls expertly. Its flexibility for focused or ad hoc tests and exceptional service make it invaluable.
Brian Burnett
Has improved internal and co-op security validation through detailed reporting and continuous vulnerability detection
Reviewed on Oct 31, 2025
Review provided by PeerSpot
What is our primary use case?
The NodeZero Platform is used internally every month, aligned with the patch cycle, to run the pen test and validate the patching that was done previously and find anything new in the environment. It is run at least monthly, and if something else comes up, it is run between those times. Additionally, The NodeZero Platform is used to perform pen testing for co-ops. Since some internet infrastructure is shared with co-ops, the platform can be deployed and a virtual machine can be spun up in their environment. They provide IP ranges, the pen test is deployed, the report comes back, and it is shared with them. This has been a great capability to provide to co-ops.
What is most valuable?
My favorite feature of The NodeZero Platform is that all of it has been really good. The reporting piece is very clear and very useful, which was a big piece from the start. The reporting is huge, and the fact that it learns the environment on an ongoing basis is impressive. An external third-party pen tester is brought in every two years, and the plan is to move it to every three years. After the third party conducts the pen test, The NodeZero Platform is run, and it finds the same things they found and sometimes a few other things that they did not even identify. It has stood up against that test every time.
The feature that allows security teams to fix and retest vulnerabilities instantly adds a lot of quick mitigation and the ability to fix issues on the fly. Everything that has been added and modified and improved since acquiring the tool has worked seamlessly.
The Real Attack Capabilities help in identifying vulnerabilities in on-premises systems because if patching was missed, it will identify that. With deployment across the system, any recent vulnerability will be found. The way it learns the environment makes it an easy-to-use tool. It does what it says it is going to do, which is finding vulnerabilities as they appear.
The Endpoint Security Effectiveness feature helps in understanding potential security threats better because everything that it identifies improves things on an ongoing basis. It ensures that everything is kept current, so it adds an extra layer to what is being done with the main EDR solution.
What needs improvement?
The speed of the scans takes some time, but in my opinion, it is not surprising for what it is doing. It could be a little quicker, but speed does not necessarily mean it is going to be better, since speed does not equate to doing what it needs to do.
For how long have I used the solution?
The NodeZero Platform has been used for about close to four years.
What do I think about the stability of the solution?
Regarding stability, it has never crashed, and there has not been any lagging from deployment or running. It is sometimes run randomly to see if managed service personnel will get alerted, and it has performed as expected. There has not been anything with lag or alerts, it has not crashed, and it has not caused issues.
What do I think about the scalability of the solution?
The scalability of The NodeZero Platform has been great because it is offered out to the 26 co-ops that are worked with, and over half of those have had it run on their environment, and it has worked out great.
How are customer service and support?
Technical support has never been contacted because there have never been any issues that required reaching out to them.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
There have not been any alternatives encountered that can be compared with The NodeZero Platform. After conversations with people and they have looked at it, nothing has stood out as being worth even trying to test. There is nothing that compares to it from everything that has been seen.
How was the initial setup?
The initial deployment of The NodeZero Platform was easy, from what is remembered, as that was about four years ago.
What about the implementation team?
The networking team was involved in this type of job, and it was probably just one of the networking team members and a senior engineer.
What was our ROI?
A reduction in remediation time has been seen because it is finding things before they happen. Much time is not being spent on remediation since acquiring it because it is finding things before they become an issue. Even if there is a zero-day and patching is done and then run, it verifies that, so it is preventing a lot of remediation time with anything.
What's my experience with pricing, setup cost, and licensing?
The pricing has been good, as it has not made huge leaps. Contracts and renewals are handled, so the changes have not been astronomical. It has stayed typically below what was expected for the changes as contracts are renewed, so it has all been fine.
What other advice do I have?
The overall rating given to The NodeZero Platform is ten out of ten.
Timothy Rice
One-click re-testing has validated remediations and improved threat visibility
Reviewed on Oct 21, 2025
Review provided by PeerSpot
What is our primary use case?
We use The NodeZero Platform for control validation and we are also looking for the likelihood of vulnerabilities.
What is most valuable?
I think the one-click feature to fix and re-test vulnerabilities is great. This feature allows us to validate whether the remediation actually resolved the issue. It's pretty easy. You click it and it starts scanning. This is super helpful. I don't think anybody else has anything like that.
The NodeZero Platform 's real attack capabilities help in identifying vulnerabilities on our on-prem systems because it provides actual vulnerabilities by attacking our systems. It shows us whether it really was able to do or meet the objectives that a threat actor could do. It really helps identify the likelihood instead of simply indicating a potential vulnerability.
The NodeZero Platform impacts my understanding of potential security threats in an eye-opening way. It provides validation of the actual security flaw, and it also provides remediation steps. Usually, it's an article that's written up, but it also shows proof as well.
I haven't seen much of an impact on my remediation time from using The NodeZero Platform. I think what it does is it justifies a vulnerable aspect. For the most part, it does speed up remediation because we have proof that there is a vulnerability. We classify those vulnerabilities as a POF or a Pants on Fire and they have to be remediated within 72 hours. It does help remediate.
What needs improvement?
I think The NodeZero Platform could improve by leveraging GPUs for password cracking, which would be pretty good.
For how long have I used the solution?
I have used the solution for about two and a half years.
What do I think about the stability of the solution?
I haven't seen any stability issues such as crashing, lagging, or downtime. I have seen that their portal has been inaccessible for probably about 30 minutes one time.
What do I think about the scalability of the solution?
The NodeZero Platform is very scalable.
How are customer service and support?
I have never had to contact their technical support or customer support.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We've used Pantera, Symptom and Attack IQ.
How was the initial setup?
The initial deployment was so easy. It only took us about five minutes.
What's my experience with pricing, setup cost, and licensing?
I think the pricing could be a little bit more competitive. For example, Centerra had a little bit more flexible pricing than NodeZero.
Which other solutions did I evaluate?
I would say Pentera is the closest competitor to The NodeZero Platform. When I compare them, I think the flexibility of scanning is where Horizon 3 edges Pentera . Pentera does a better job at cracking passwords, but deploying remote nodes is very difficult. It's kind of convoluted, so it makes it difficult to operate. The NodeZero Platform's pricing is competitive. I think it could be a little bit more competitive. For example, Pentera had a little bit more flexible pricing than The NodeZero Platform.
What other advice do I have?
Based on everything we've looked at and used in the past, I would rate The NodeZero Platform a 10 out of 10 as they are the best.