Sold by: Horizon3.ai
Deployed on AWS
The NodeZero Platform by Horizon3.ai is an offensive security platform for continuous, production risk management for organizations worldwide. Customers use autonomous pentesting, emerging threat intelligence, threat detection, and unified risk reporting to stay ahead of bad actors.
4.5
Overview
The NodeZero Platform by Horizon3.ai is an offensive security platform for continuous, production risk management for organizations worldwide. Customers use autonomous pentesting, emerging threat intelligence, threat detection, and unified risk reporting to stay ahead of bad actors.
Highlights
- Suite of autonomous penetration and operational tests: assess risk across on-prem, cloud, and hybrid networks with unlimited scope and frequency.
- NodeZero Tripwires(TM): Use integrated threat deception and detection to auto-drop and alert on decoys against your most critical exposures discovered during tests. NodeZero Rapid Response(TM): Get ahead of emerging threats with proactive alerting on zero- and N-day threats that impact your networks.
- NodeZero Insights(TM): Continuously manage your threat exposure with unified trend data about your security posture, operational KPIs, and security controls efficacy.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
NodeZero Elite Package (500 Assets) - SKU: Pack-ST-Elite | Autonomous Pentesting Platform + Insights + Tripwires + Rapid Response | $42,500.00 |
NodeZero Pro Package (500 Assets) - SKU: Pack-ST-Pro | Autonomous Pentesting Platform + Tripwires + Rapid Response | $32,500.00 |
NodeZero Core Package (500 Assets) - SKU: Pack-ST-Core | Autonomous Pentesting Platform | $25,000.00 |
NodeZero Core to Pro Upgrade (500 Assets) - SKU: Upg-Core-Pro | Upgrade Core Package to Pro adding Tripwires + Rapid Response | $7,500.00 |
NodeZero Core to Elite Upgrade (500 Assets) - SKU: Upg-Core-Elite | Core to Elite Upgrade adding Tripwires + Rapid Response + Insights | $17,500.00 |
NodeZero Pro to Elite Upgrade (500 Assets) - SKU: Upg-Pro-Elite | Pro package upgrade adding Insights | $10,000.00 |
NodeZero Flex (1000 Assets) - SKU: N0-ST-Flex | Autonomous pentest for one-time test of an asset | $15,000.00 |
NodeZero Premium Support Gold (Up to 25K Assets) - SKU: N0-PS-GOLD | 24x7 support, Implementation up to 90 days, Customer Success Monthly | $100,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Purchases through AWS Marketplace utilize a self-service onboarding model - you deploy the solution in your AWS account using standard AWS Marketplace workflows and billing. After purchasing via Marketplace, a member of our team will contact you within 2 business days to provide access to your account.
Please reference our quick start guide at Docs.Horizon3.ai for guidance on setting up NodeZero. We offer 24/7 break fix support (https://horizon3.ai/support-policy/ ) for all technical and operational issues with the deployed product.
Should you require professional services - such as implementation guidance, architecture consulting, or custom integrations - please contact us directly at support@horizon3.ai
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
NCC Group’s network penetration tests help you identify external or internal vulnerabilities before threat actors exploit them. As the security landscape evolves, so must our testing approach to simulate and evaluate these evolutions.
We combine the best parts of AI and automation with the expertise of our penetration testing consultants. We offer manual, autonomous, and hybrid testing approaches to adapt to your unique environment, ensuring the most efficient and effective testing for your needs.
Smarter automation starts with better data. NodeZero MCP Server plugs exploitability intelligence into your existing AI ecosystem. Now your tools can prioritize, orchestrate, and validate based on attack paths proven to be exploitable, not guesswork.
Customer reviews
Brent Hamlin
Continuous threat scanning has improved remediation time and strengthened executive reporting
Reviewed on Apr 23, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for The NodeZero Platform by Horizon3.ai is C-TAM to actively scan for threats or potential threats within our environment and to help keep our environment secure. A specific example of how I have used The NodeZero Platform by Horizon3.ai for C-TAM in my environment is that we had some exposed SSH ports within a cloud provider, and we were able to clear those and close those ports up.
What is most valuable?
The best features that The NodeZero Platform by Horizon3.ai offers include the automated scans, which are great to use; you set it, scope it, and let it go, which works really well. The executive reporting feature is impactful for me as a manager, providing a strong foundation to give quarterly and yearly reports to our executives and board to see the state of our infrastructure from a security standpoint.
The level of detail and clarity in the executive reports from The NodeZero Platform by Horizon3.ai absolutely helps me communicate effectively with leadership. They are detailed enough for me to extract the necessary information tailored for the executives and to provide a broader perspective on our mitigation efforts or accepted risk stance and where additional controls exist.
The NodeZero Platform by Horizon3.ai has positively impacted my organization by giving us a better continuous picture of our security posture, what's exploitable, and what can be used against the organization. It allows us to run scans whenever needed, unlike a single third-party system that only provides a snapshot in time; our processes must be ongoing as the security landscape is dynamic.
NodeZero's endpoint security effectiveness feature impacts my understanding of potential security threats by providing a clear picture of both the external and internal landscapes within my organization, enabling me to prioritize and adjust as needed for vulnerabilities such as WordPress plugin issues or user enumerations and software code version assessments.
I have built The NodeZero Platform by Horizon3.ai into our weekly and monthly workflows for security CI/CD, and we scan our externally accessible assets every week to address anything quickly if it comes up. That includes our firewalls, websites, and anything that is an external web server, which we scan weekly, while the monthly scans are for internal systems that feed our security CI/CD pipeline, enabling us to action across and prioritize any vulnerabilities caught by The NodeZero Platform by Horizon3.ai.
What needs improvement?
The NodeZero Platform by Horizon3.ai is great, with an amazing MCP server and great API integration. I have utilized both and can vouch for their features. However, my team struggles with the onboarding side of our engagement, which should have been more robust; having a statement of work and a clear definition of success would have been beneficial. We faced challenges building the boat as we were launching without clarity on how we wanted to use the system, but that is the only constructive criticism I have for improvements.
For how long have I used the solution?
I have been using The NodeZero Platform by Horizon3.ai for six months.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai has been very stable.
What do I think about the scalability of the solution?
So far, we have not needed to scale The NodeZero Platform by Horizon3.ai much; it is effectively doing everything we need it to do, making the question of scalability somewhat irrelevant for us.
How are customer service and support?
So far, customer support for The NodeZero Platform by Horizon3.ai has been great; we appreciate the team for always answering our questions promptly and bringing in resources as necessary. I would rate customer support for The NodeZero Platform by Horizon3.ai a 10; the team has been great in responding quickly and thoroughly explaining any questions we may have.
Which solution did I use previously and why did I switch?
We did not previously use a different solution; we just had Tenable running, which is not the same as The NodeZero Platform by Horizon3.ai.
How was the initial setup?
My experience with the pricing, setup cost, and licensing of The NodeZero Platform by Horizon3.ai has been great. The sales process with Calvin and the team was excellent, leaving me very satisfied with the implementation and support from the NodeZero sales team.
What was our ROI?
Although I do not have specific metrics indicating return on investment such as fewer employees or direct savings, the main metric is that we save time because The NodeZero Platform by Horizon3.ai is scanning continuously and allows us to track remediations within the platform. Time to resolution and verification is what I focus on most, as we can quickly verify the resolution of vulnerabilities through the one-click verify feature in The NodeZero Platform by Horizon3.ai.
Which other solutions did I evaluate?
Before choosing The NodeZero Platform by Horizon3.ai, we evaluated other options including Cymulate and Rapid7, though I cannot recall the other one.
What other advice do I have?
The NodeZero Platform by Horizon3.ai is currently deployed in a public cloud, and we plan to incorporate some on-premise capabilities as we work on network segmentation to scan other sites from remote office locations or physical sites.
For our public cloud deployment of The NodeZero Platform by Horizon3.ai, we use Azure .
What we have seen as specific outcomes indicating this positive impact is that everything external on our systems scores below two, which is really good. While we have some configuration cleanup to do, everything external is very clean now, and we identified what needs to be addressed, prioritized them, and within weeks got to a very clean state externally, though we still have ongoing work internally due to some legacy systems.
The platform's real attack capabilities help in identifying vulnerabilities in our on-prem systems by reviewing our overall posture and available layers. Given our complexity with 17 different sites in Azure , we are constantly scanning across the network, realizing that our network segmentation needs improvement. Once we enhance that segmentation, we will utilize The NodeZero Platform by Horizon3.ai at one of our remote office sites to conduct scans accordingly.
I adore the feature of The NodeZero Platform by Horizon3.ai that allows security teams to fix and retest vulnerabilities instantly, as I always want to validate the efforts and diligence put forth by my team.
I assess that The NodeZero Platform by Horizon3.ai has improved our organization's remediation time because we have fewer vulnerabilities to remediate now. Initially, we had a lot of medium vulnerabilities and a few high ones, allowing us to prioritize and resolve the high risks quickly, then address the medium vulnerabilities more methodically to add value back to the organization, which we accomplished in a timely manner.
The NodeZero Platform by Horizon3.ai is great, with an amazing MCP server and great API integration. I have utilized both and can vouch for their features. However, my team struggles with the onboarding side of our engagement, which should have been more robust; having a statement of work and a clear definition of success would have been beneficial. We faced challenges building the boat as we were launching without clarity on how we wanted to use the system, but that is the only constructive criticism I have for improvements.
The NodeZero Platform by Horizon3.ai has not helped reduce our pen-testing costs; in fact, our pen-test engagement was cheaper than the cost of The NodeZero Platform by Horizon3.ai. However, the pen test occurred only once a year and provided just a snapshot of a moment in time without follow-up for remediation validation, so we appreciated it but it did not effectively portray our organization's ongoing state.
I advise others looking into using The NodeZero Platform by Horizon3.ai to buy onboarding hours and create a statement of work since building that ad hoc is not in the best interest of the organization. It is vital to define success criteria for when the onboarding process is completed and implemented.
The NodeZero Platform by Horizon3.ai does what it is advertised and does it really well, and I would rate this review a 10.
reviewer2827158
Automated pen tests have strengthened our security posture and reduced assessment effort
Reviewed on Apr 23, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for The NodeZero Platform by Horizon3.ai is performing quarterly pen tests on our enterprise and OT networks.
For those quarterly pen tests, we usually run them in the actual web UI interface, selecting what subnets we want to hit for pen tests, what vulnerabilities we want to use, and the whitelists that we have in place. We don't step on any sensitive devices, and then afterwards, we review the findings and remedy the problems.
What is most valuable?
The best features that The NodeZero Platform by Horizon3.ai offers include its set it and forget it type pen testing. You configure it once and then set it to automatically run during certain days, which is particularly useful, especially when you're a thin IT department.
That set-it-and-forget-it feature helps my team day-to-day by saving a lot of time, as we can set the pen test and then divert our attention to other things while the pen test is ongoing.
The NodeZero Platform by Horizon3.ai has positively impacted my organization by catching vulnerabilities and exploits that we wouldn't otherwise be able to find as easily or as quickly, so I'd say it helps better our cybersecurity posture.
What needs improvement?
The NodeZero Platform by Horizon3.ai can be improved in some ways, particularly regarding the test scan sometimes.
When the test scan doesn't work as expected, the runner sometimes acts up, and we usually have to run a command on it to fix it or sometimes reboot it. Other than that, the product works great.
For how long have I used the solution?
I have been using The NodeZero Platform by Horizon3.ai for about a year and a half.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai is stable.
What do I think about the scalability of the solution?
The scalability of The NodeZero Platform by Horizon3.ai is pretty good, as you can throw in any number of subnets in the pen test, so I'd say it's very scalable.
How are customer service and support?
We have had no issues with their customer support; it seemed pretty solid.
I would rate the customer support of The NodeZero Platform by Horizon3.ai as an eight.
Which solution did I use previously and why did I switch?
We did not have a different solution before using The NodeZero Platform by Horizon3.ai.
How was the initial setup?
I wasn't involved in the pricing, setup cost, and licensing, but I've heard that it's pretty simple and easy.
Which other solutions did I evaluate?
We did not evaluate any other options before choosing The NodeZero Platform by Horizon3.ai.
What other advice do I have?
My impression of the solution's feature that allows security teams to fix and retest vulnerabilities instantly is that it's a very useful feature, and I highly appreciate that feature.
The platform's real attack capabilities have helped in identifying vulnerabilities in my on-prem systems by giving us a real-world example of what we should be prioritizing, which helps during the vulnerability management process, so it's helped us significantly.
We don't necessarily use the endpoint security effectiveness feature; we don't really pay attention to it.
The NodeZero Platform by Horizon3.ai has reduced our pen testing costs, but I don't have a specific number.
My advice to others looking into using The NodeZero Platform by Horizon3.ai is to utilize the one-click vulnerability or rescan feature for NodeZero.
I think they're also the reseller for the product.
I would rate this solution an eight overall.
Non-Profit Organization Management
Run Pentests Anytime with Flexible, On-Demand Testing
Reviewed on Apr 22, 2026
Review provided by G2
What do you like best about the product?
I like being able to run pentests whenever I want.
What do you dislike about the product?
There’s a small learning curve when it comes to working with the containers and customizing scripts.
What problems is the product solving and how is that benefiting you?
It’s helpful to be able to closely monitor our environment without needing a specialized staff member to perform an audit.
Jason M.
Effortless Setup, Immediate Security Insights
Reviewed on Apr 21, 2026
Review provided by G2
What do you like best about the product?
I like that the setup for NodeZero from Horizon3.ai was easy and quick. Their team was really helpful in getting us set up properly and helped us come up with an effective game plan. The reporting feature has been good, providing quick value and insights from the platform. I appreciate being able to turn those findings over to the appropriate teams to remediate issues.
What do you dislike about the product?
We haven't found anything we wished it would do that we were wanting.
What problems is the product solving and how is that benefiting you?
I use NodeZero from Horizon3.ai for network segmentation and penetration testing. It helps validate our configurations, identify attack paths, and quickly gain insights for remediation.
David Meyer
Automated pen tests have strengthened security and provide detailed monthly remediation insights
Reviewed on Apr 20, 2026
Review provided by PeerSpot
What is our primary use case?
I have been using The NodeZero Platform by Horizon3.ai for about three years now.
I use The NodeZero Platform by Horizon3.ai to run scheduled penetration tests against my internal and external network resources.
I recently changed my hosting service and web hosting service, and along with that change, I decided to run another penetration test against it to ensure everything was functioning properly. I did find a vulnerability which I was able to quickly address and resolve.
I run this once a month in general, although I will run it whenever something new is introduced into my infrastructure. My monthly run reports provide me with data that I can review, and if I find anything in there that I did not see before, I can address it.
What is most valuable?
One of my favorite features of The NodeZero Platform by Horizon3.ai is the scheduling feature, which means I do not have to remember to run the penetration tests. Another feature I really appreciate is the remediation tasks that it provides. When it offers remediation guidance, it gives me steps to resolve the issue, which saves me time in determining what I need to do to remediate a certain vulnerability.
The remediation steps provided by The NodeZero Platform by Horizon3.ai are usually quite detailed and helpful. Occasionally, I will get one that does not offer a lot in the way of specific steps because the device on which it found the vulnerability is not a standard device that it recognizes. However, if it is a Windows box or Linux box, it is very good about giving me accurate information.
I believe that The NodeZero Platform by Horizon3.ai has kept me safer in a cybersecurity sense. It is one of a couple of different products I use for that purpose, but because I have cybersecurity insurance, I am required to run pen tests at least once a year. This product allows me the opportunity to run it as many times as I want, which is very beneficial because when new things are introduced into my network, I may not be able to identify these vulnerabilities until I run my next penetration test, which could be up to eleven months later.
Because I stay on top of these things, I am not usually caught off guard with a security issue that suddenly appears. I see them monthly and I do not have to generally perform any sort of emergency response that I would have had to do in the past when I had nothing in place.
What needs improvement?
I would love it if I could whitelist certain vulnerabilities that I consider not especially significant with The NodeZero Platform by Horizon3.ai. The NodeZero Platform by Horizon3.ai classifies them based on severity, and the severity for a lot of these things, such as threes, ones, and 0.01s, are generally things that I do not care too much about. I want to see them in a report when they appear the first time, but I would love it if I could simply check that one and indicate that I do not want to see a report about this one again because I am not going to take action on it.
For how long have I used the solution?
I have been working in this field for around thirty years.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai is quite stable.
What do I think about the scalability of the solution?
It is kind of difficult for me to comment on The NodeZero Platform by Horizon3.ai's scalability because I have not had to change the scale. It certainly works fine in my rather small environment, but since I have not run it in a very large network environment, I cannot really say much more than that.
How are customer service and support?
Customer support for The NodeZero Platform by Horizon3.ai is awesome. I love the chat person I work with on chat. She is always super responsive and very patient and is able to get to the bottom of my problems, which are fairly infrequent. At the beginning, there were a few little hiccups that I was causing through some misunderstanding on my part, but she was very good.
Which solution did I use previously and why did I switch?
I previously used Fortelist, an annual service that they provided to run penetration tests on my network. The reason I switched is because I wanted to be able to run penetration tests more frequently, and it simply would not have been cost-effective to do it more often than one time a year. That is the main reason for the change.
How was the initial setup?
Interestingly enough, I have used that quite a bit in the past. The last time I ran my pen test, I for whatever reason was not able to quickly retest as conveniently as before. I am not really sure why that is, and I probably should just talk with Horizon3.ai about that.
Certainly, time has been saved with The NodeZero Platform by Horizon3.ai, and I would imagine money has been saved from the previous way of doing my pen tests, which were a yearly pen test that were quite expensive to do. There has been no change in employment or employees, but as far as the licensing costs, I think that was a big win for me.
What about the implementation team?
I did not have involvement in the evaluation process. I was not the one who evaluated it; I was the one who implemented it.
What was our ROI?
I believe The NodeZero Platform by Horizon3.ai has helped reduce my pen testing costs, but I cannot tell you exactly how much as I am not the person who paid for those services. However, I believe it was a significant reduction.
What's my experience with pricing, setup cost, and licensing?
I cannot really speak to the pricing as I was not involved in the purchase of it or any of the costs. I was the one that implemented it, and for that, I give it a thumbs up—it was awesome.
Which other solutions did I evaluate?
I think everything else is fine.
What other advice do I have?
The first time you run a test with The NodeZero Platform by Horizon3.ai, be prepared to triage because you are going to find things you had no idea you had.
It is because I have not had any serious problems for a long time. I would say that the very first time I ran The NodeZero Platform by Horizon3.ai, I did find many things such as open SFTP ports, open FTP ports, and open database ports that I was able to quickly address. I would say quickly, but it took a while because the platform found so many. However, it was super helpful because I did not have a single way to find those things before.
I give this review a rating of nine.