The NodeZero Platform is used internally every month, aligned with the patch cycle, to run the pen test and validate the patching that was done previously and find anything new in the environment. It is run at least monthly, and if something else comes up, it is run between those times. Additionally, The NodeZero Platform is used to perform pen testing for co-ops. Since some internet infrastructure is shared with co-ops, the platform can be deployed and a virtual machine can be spun up in their environment. They provide IP ranges, the pen test is deployed, the report comes back, and it is shared with them. This has been a great capability to provide to co-ops.

My favorite feature of The NodeZero Platform is that all of it has been really good. The reporting piece is very clear and very useful, which was a big piece from the start. The reporting is huge, and the fact that it learns the environment on an ongoing basis is impressive. An external third-party pen tester is brought in every two years, and the plan is to move it to every three years. After the third party conducts the pen test, The NodeZero Platform is run, and it finds the same things they found and sometimes a few other things that they did not even identify. It has stood up against that test every time.

The feature that allows security teams to fix and retest vulnerabilities instantly adds a lot of quick mitigation and the ability to fix issues on the fly. Everything that has been added and modified and improved since acquiring the tool has worked seamlessly.

The Real Attack Capabilities help in identifying vulnerabilities in on-premises systems because if patching was missed, it will identify that. With deployment across the system, any recent vulnerability will be found. The way it learns the environment makes it an easy-to-use tool. It does what it says it is going to do, which is finding vulnerabilities as they appear.

The Endpoint Security Effectiveness feature helps in understanding potential security threats better because everything that it identifies improves things on an ongoing basis. It ensures that everything is kept current, so it adds an extra layer to what is being done with the main EDR solution.

The speed of the scans takes some time, but in my opinion, it is not surprising for what it is doing. It could be a little quicker, but speed does not necessarily mean it is going to be better, since speed does not equate to doing what it needs to do.

The NodeZero Platform has been used for about close to four years.

Regarding stability, it has never crashed, and there has not been any lagging from deployment or running. It is sometimes run randomly to see if managed service personnel will get alerted, and it has performed as expected. There has not been anything with lag or alerts, it has not crashed, and it has not caused issues.

The scalability of The NodeZero Platform has been great because it is offered out to the 26 co-ops that are worked with, and over half of those have had it run on their environment, and it has worked out great.

Technical support has never been contacted because there have never been any issues that required reaching out to them.

There have not been any alternatives encountered that can be compared with The NodeZero Platform. After conversations with people and they have looked at it, nothing has stood out as being worth even trying to test. There is nothing that compares to it from everything that has been seen.

The initial deployment of The NodeZero Platform was easy, from what is remembered, as that was about four years ago.

The networking team was involved in this type of job, and it was probably just one of the networking team members and a senior engineer.

A reduction in remediation time has been seen because it is finding things before they happen. Much time is not being spent on remediation since acquiring it because it is finding things before they become an issue. Even if there is a zero-day and patching is done and then run, it verifies that, so it is preventing a lot of remediation time with anything.

The pricing has been good, as it has not made huge leaps. Contracts and renewals are handled, so the changes have not been astronomical. It has stayed typically below what was expected for the changes as contracts are renewed, so it has all been fine.

The overall rating given to The NodeZero Platform is ten out of ten.

We use The NodeZero Platform for control validation and we are also looking for the likelihood of vulnerabilities.

I think the one-click feature to fix and re-test vulnerabilities is great. This feature allows us to validate whether the remediation actually resolved the issue. It's pretty easy. You click it and it starts scanning. This is super helpful. I don't think anybody else has anything like that.

The NodeZero Platform's real attack capabilities help in identifying vulnerabilities on our on-prem systems because it provides actual vulnerabilities by attacking our systems. It shows us whether it really was able to do or meet the objectives that a threat actor could do. It really helps identify the likelihood instead of simply indicating a potential vulnerability.

The NodeZero Platform impacts my understanding of potential security threats in an eye-opening way. It provides validation of the actual security flaw, and it also provides remediation steps. Usually, it's an article that's written up, but it also shows proof as well.

I haven't seen much of an impact on my remediation time from using The NodeZero Platform. I think what it does is it justifies a vulnerable aspect. For the most part, it does speed up remediation because we have proof that there is a vulnerability. We classify those vulnerabilities as a POF or a Pants on Fire and they have to be remediated within 72 hours. It does help remediate.

I think The NodeZero Platform could improve by leveraging GPUs for password cracking, which would be pretty good.

I have used the solution for about two and a half years.

I haven't seen any stability issues such as crashing, lagging, or downtime. I have seen that their portal has been inaccessible for probably about 30 minutes one time.

The NodeZero Platform is very scalable.

I have never had to contact their technical support or customer support.

We've used Pantera, Symptom and Attack IQ.

The initial deployment was so easy. It only took us about five minutes.

I think the pricing could be a little bit more competitive. For example, Centerra had a little bit more flexible pricing than NodeZero.

I would say Pentera is the closest competitor to The NodeZero Platform. When I compare them, I think the flexibility of scanning is where Horizon 3 edges Pentera. Pentera does a better job at cracking passwords, but deploying remote nodes is very difficult. It's kind of convoluted, so it makes it difficult to operate. The NodeZero Platform's pricing is competitive. I think it could be a little bit more competitive. For example, Pentera had a little bit more flexible pricing than The NodeZero Platform.

Based on everything we've looked at and used in the past, I would rate The NodeZero Platform a 10 out of 10 as they are the best.

For us, The NodeZero Platform is literally the single best security solution we have because the way that it works is we're able to scan every part of our network, both internally and externally, and then get completely actionable feedback that doesn't matter if it's for an application developer or a network admin. The way that the feedback is presented leaves no room for what is the problem. Our use cases are internal network scans, external penetration tests, and then all of the remediation that goes along with those two results. The final use case that we use is we actively scan every single network password and make sure that no one has password reuse, duplication, or any of the things that have gotten a lot of other companies in trouble. This is one of their easiest features to start with. That is the primary use case.

The favorite feature of The NodeZero Platform is that it's easiest from a password perspective because when examining all the things in cybersecurity and all the things in the news, it almost always comes down to somehow the bad guys got someone's username and password. Being able to scan literally thousands of passwords to see if there's an issue with them and then immediately take action is amazing because it keeps our network safe and we don't have to worry about constantly having accounts taken over by criminals. By immediately taking action, they told us about this thing that allows the security teams to fix and retest vulnerabilities instantly, which is their one-click feature.

For us, it's so quick to test every single password. We're able to get a list of anyone that has a password that is compromised because some other website, they use that same password. We're able to actually just rescan all passwords in such a short period, we don't need to use the one-click verification. That's more for if there's a vulnerability on a specific computer or server, which we do use that as well. But just the ability to scan all passwords in such a short time is my favorite feature.

The NodeZero Platform's real attack capabilities have helped in identifying vulnerabilities in our on-prem systems in a few ways. First and foremost, other security platforms used to have so many things that they would report on. Because they would give so many issues and in a way that wasn't clear, a lot of times there was ambiguity and the different sub-teams within IT would disagree on how the problem was or if there was a problem. The way that it's helped us is that it got rid of all of that confusion. We're able to see an issue and then resolve an issue. The one-click verify has helped us several times because in the past, we would do a penetration test once a year and if we thought we fixed it, we would wait a whole other year until we figured it out. Now with the one-click verify, our team will take an action, scan it again, and then a lot of times, even though the fix is pretty straightforward, it doesn't solve the issue. For instance, everyone has NVIDIA in the news all the time because they have these amazing graphics cards. We had an issue. We thought we resolved it. We updated a version, we did the one-click verify, the issue was still there. It said to upgrade to the newest version. So we upgraded another version, did the one-click verify, still was an issue. We ended up going through four or five different iterations and then realized what was actually the problem is that one of the checkboxes needed to be checked differently across our network. Being able to actually go through those iterations so quickly has really helped from a security standpoint.

One of the things that we've shared with Horizon is just the reporting. They've made a lot of changes over time, but when examining computers, most average normal people don't look at a computer and identify it as 114.82.117.180. They identify it as 'the printer for accounting.' When many of the reports give the very detailed technical IP address or serial number, that's really not helpful for anyone other than the person, the hands-on person that's trying to remediate it. All the managers, all the leaders, having information in that format isn't helpful. Being able to have information about what those devices are would be very helpful.

There's a technical reason they can't just have an easy button because some people have really complicated networks. When examining things for the average company, the average executive, that 114 number, there's only one of those. But if examining an AT&T or a Walmart, it isn't unique. They haven't solved that problem. But for the 90% of companies, being able to have just a human readable name for all devices on your network in all of the reports all of the time would be the most beneficial.

We've been using The NodeZero Platform for a little over four years now.

I have not seen any lagging, crashing, downtime, or anything with The NodeZero Platform. I had some unusual situations where because some of our third parties had their systems misconfigured, our scan would run forever because we would start scanning beyond our own four walls of our company. But we've never had major issues with the product itself.

Our company has about 2,000 people, about 5,000 total devices including phones and network equipment. We're a medium-sized company and it takes us a few hours to run every single scan. I am uncertain how it would work if you're on an AT&T or a Walmart where you have a million network objects. I would think it does fairly, but I don't have the experience to say anything more than what we do, which is a mid-sized company.

I have contacted their technical support or customer support many times. The main reason that we contact their technical support and customer support isn't because their product isn't working, it's because their product tells us we have an issue and we need a little bit more help on how we actually resolve the issue. They'll have really good guidance, but sometimes we need to say how they really found this because we're seeing this other flag set this way and we need their help. So we reach out to their support to help resolve the issues that we have within our own environment, not with their product.

My team's been very happy with The NodeZero Platform support. They're not 100%, but their support is above average. Sometimes even their support doesn't know why we're seeing certain issues. But the vast majority of times they are able to resolve the exact questions my team has on the first attempt, which is really good for customer or technical support. On a scale from 1 to 10, most of the time I'd give them a 10 out of 10. Sometimes you get people and it's not their best subject. Not every person is always 100% with every issue, but grading against other customer supports of similar products, 10 out of 10.

The initial deployment of The NodeZero Platform was extremely easy. They basically just need you to install a scanner on your network or wherever you want to scan from. Then you just click a couple of buttons and wait a few hours and then voila, you have results. We've learned a lot over time where there's certain things that maybe we weren't doing as optimally as we wanted, but the initial deployment from the time that we saw a demo to the time that we had some production results was extremely fast. It was same day. I don't know if it was two hours or four hours, but it was very quick.

We have used alternatives to The NodeZero Platform. We originally did several proof of concepts and looked at several competitors. What we really appreciated about Horizon is they actually attack your network. They literally do the test to see if something is open, whereas other tools would just say it's on this version and we know this version has this issue. We've looked at a lot of other tools. We really appreciated Horizon. In the four years, we also do a lot of tools that aren't 100% competitors to The NodeZero Platform, but they do many of the same things. They scan your network, they tell you the devices that are there, they tell you if there's different types of configurations. For Microsoft, we use tools that actually tell us if Microsoft is secure. For our storage devices or our network devices, every one of those tools has their own scanners. We use all of the vendor-specific, which is only good for that one vendor, but it also helps us validate that The NodeZero Platform has been spot on and has been finding all the things that we would hope it would.

The NodeZero Platform helps us to understand better the potential security threats. We don't really use it that way because for us, we're able to scan all of our internal network and all of our external network and have so few issues, we don't really have to worry about hypothetically there's this issue in the wild or there's this issue that's going around with other companies, because our list is so short now and we're just able to resolve everything. We don't use it really as a knowledge tool to inform us on what's going on. We have a lot of other literature to keep us appraised on what's going on. We use it more of just validating that everything we do is right and we don't have to fret about a bunch of hypotheticals. On a scale from 1 to 10, The NodeZero Platform rates a 10 out of 10 overall as it is the best security investment we've ever made, mainly because it got all of our IT people talking together and seeing the issues as they truly were, and that visibility knocked down a lot of walls between teams.

I use The NodeZero Platform as a consultant on penetration testing engagements for various customers. This might be different than some of their more common use cases where companies use it internally. The primary use case is for penetration testing engagements, and the main driver for having The NodeZero Platform is that it's a force multiplier for me as an individual to perform more penetration testing without additional human resources.

My favorite feature about The NodeZero Platform is that it's autonomous, and it truly delivers on that promise. It can be set and forgotten while it performs its tasks. It does exactly what it claims to do.

I started with The NodeZero Platform when it was less mature. Anytime I encountered something annoying or identified a gap that needed attention, they had already fixed or added it by the time I would have requested it. The product is being rapidly developed at this stage. There really isn't anything feature-wise that I would request or change because it's a good product. It does what it claims and excels at finding issues and covering large environments so humans don't have to perform repetitive tasks for extended periods. This allows us to focus on what's important: fixing and protecting systems. If there was one thing I would change, I would want their consulting licensing to return to being unlimited.

I have been using The NodeZero Platform for four years this month.

In the early stages, I experienced issues with large penetration tests where things might get delayed or require intervention, but I cannot remember the last time that occurred. While one of their main selling points is that it's safe to run in production, we might still try to avoid unnecessary risk. For companies operating during normal business hours, we might conduct penetration testing at night. When using SaaS-based products at night, maintenance windows can cause downtime, but I haven't encountered any of these issues with The NodeZero Platform. I cannot recall any instances of downtime or the platform being offline.

I have used it for tests ranging from tens to thousands to tens of thousands of assets, and I haven't encountered any trouble scaling. While I wouldn't say it's infinitely scalable, it certainly handles scaling effectively.

The support currently is really good. When I have questions or concerns, I receive responses promptly. They've added a chatbot which isn't particularly useful, but when it can't answer questions, it forwards messages to human support. I typically receive human responses within 12 hours, usually the same day or next day. Previously, with time-sensitive engagements, I would worry about resolving issues before deadlines. That concern has diminished as they've become more responsive and require less escalation to engineering. Support cases are now handled more efficiently, either by directing to documentation or providing workarounds for project completion.

The setup process is extremely straightforward. It has become even easier with the addition of Runners feature, which allows for automatic setup of repeated tests throughout the year. The initial setup takes approximately 30 minutes, mostly spent reading documentation, as the process is primarily point-and-click.

I have used three alternatives: Pentera, Core Impact, and Metasploit Professional. Core Impact and Metasploit Professional aren't direct competitors as they are penetration testing toolkits with built-in automation. Pentera markets itself similarly to The NodeZero Platform. Compared to Pentera, The NodeZero Platform requires less setup and delivers higher quality results. Pentera follows a consistent pattern of running vulnerability scans and attempting exploits, producing results similar to vulnerability scans. The NodeZero Platform varies its approach and continues exploring potential vulnerabilities more thoroughly, similar to a real threat actor.

The NodeZero Platform has helped identify vulnerabilities with on-premises systems effectively. They handle all technical aspects internally. I have given The NodeZero Platform a rating of 9 out of 10.

My use cases for The NodeZero Platform involve using the tool as a validation tool on top of existing vulnerability management processes. The general idea is that if I identify a subset of vulnerabilities that might be of interest to an attacker, I use The NodeZero Platform to validate my assumptions. Essentially, I'm using it as a red team validation tool to test and validate blue team findings.

The NodeZero Platform's real attack capabilities help identify vulnerabilities on my on-premise systems by adding an element of validation and offensive security testing on top of known vulnerabilities. That's the main use case and the consistent configuration purpose.

The feature that allows security teams to fix and retest vulnerabilities instantly is very useful, even though it may not happen literally 'instantly.' It's a necessary tool for any organization to understand whether vulnerabilities are genuinely exploitable by attackers. With its near-real-time testing capabilities, it's an essential part of any security portfolio.

The Endpoint Security Effectiveness feature impacts my understanding of potential security threats by providing validation through endpoint testing. The NodeZero Platform deploys a script to verify whether endpoint protection tools such as EDR or EPP can detect and prevent attacks. This validation ensures that endpoint protection is configured correctly, revealing that default settings often don't work as expected. This makes the feature unique, as no other vendor seems to offer such validation capabilities.

The areas for improvement for The NodeZero Platform involve integration and automation. It would be beneficial if it could integrate directly with vulnerability management tools such as Rapid7, Tenable, or Qualys. Such integration would allow the platform to automatically import data, identify vulnerable systems, and test targets immediately, potentially even enabling automated feedback loops for rescanning. Currently, this process is manual. Native API-based integration would make the workflow far more efficient.

I have been using The NodeZero Platform in my career for about two and a half years, and I think it's coming up on the third year.

My thoughts about the stability of The NodeZero Platform are that it's not an issue in production. During initial testing in a VirtualBox virtual machine, it was less stable due to insufficient resources. The system requires fast SSD storage, at least 16 GB of RAM, and a 1G network interface. Once properly provisioned, it runs stably without issues.

The scalability of The NodeZero Platform is limited by our license to 1,000 IPs, so my experience beyond that is limited. However, we successfully tested multiple NodeZero scanners running concurrently without any concerns. The system scales well within the licensed range.

I have contacted The NodeZero Platform's technical support once in two and a half years. The issue was related to the reporting process getting stuck during telemetry capture and report generation. The support team resolved it quickly by restarting the process. I rate the support experience as 10 out of 10.

The initial deployment of The NodeZero Platform has two components: external and internal. For the external scanner, which uses AWS hosting, setup takes just minutes once the cloud space is provisioned. The tool performs domain and IP validation (whois, DNS lookup, etc.) before allowing scans, which can take up to 24 hours.

For internal deployment, it depends on corporate practices. Our process took about two weeks due to our sprint cycle and change management procedures. For larger or more complex network environments, deployment may take longer. Ideally, a NodeZero scanner should be positioned in each segmented subnet for full coverage.

Regarding pricing for The NodeZero Platform, I can say it's reasonable and the vendor is flexible. When discussing licensing, they were initially limited to 10,000 IPs, but agreed to let us target 1,000 IPs instead. That flexibility allowed us to use the tool effectively despite a smaller license count. While managing subsets of IPs introduces some overhead, the flexibility and support make the pricing worthwhile.

The NodeZero Platform requires minimal maintenance. The NodeZero scanner is a small Linux wrapper with scripts that need occasional package updates. Although it auto-updates before scans, it's safer to manually update dependencies beforehand to prevent issues during testing.

Overall, I think The NodeZero Platform is a necessity in any security portfolio. With 15 years in the industry, I see it as an essential tool for organizations of any size to determine whether vulnerabilities are truly exploitable. The product works well, is stable, and provides unique validation capabilities. I would rate it a 10 out of 10 for everything.

I am a customer of The NodeZero Platform.

The NodeZero Platform has been instrumental in identifying vulnerabilities across our entire network. Its automated scanning capabilities provide detailed insights and alert me to issues, which is exactly what we need from a security tool.

The interface is intuitive and easy to use, and the reporting features are excellent—offering both high-level executive summaries and in-depth technical reports. What stands out is that it not only tells you what's wrong but also explains how to fix it, complete with step-by-step instructions and the exact commands it used during the scan. This transparency is incredibly helpful, especially when validating fixes.

Even when vulnerabilities are detected, they may not always be exploitable in our specific environment. But knowing what's there—and having guidance on remediation—lets me act confidently. I use FortiClient and patch regularly, but NodeZero adds an extra layer of assurance by catching things that might slip through. I don’t have the budget for a dozen expensive tools, but with NodeZero, I get significant value without overspending.

The automation is by far the most valuable feature. NodeZero performs tasks comparable to what we used to get from a manual penetration testing firm—at a similar or even lower cost. The big difference? I can retest whenever I want, without waiting weeks or paying extra fees.

IT environments are dynamic, and things change quickly. In one case, I assumed a group policy was fixing an SMB issue across the network, but NodeZero revealed a few devices were still vulnerable. That allowed us to go back, identify the gap, and validate the fix—all using the platform.

The learning curve was minimal. Setup took just a couple of hours at most. Once installed, I simply choose the endpoints and let it run. There are safety warnings for potentially disruptive scans, which I appreciate—it helps prevent unintended issues like system crashes.

As someone who isn’t a dedicated security engineer, I find the platform comprehensive. However, I’d benefit from additional training on specific features, like their honeypot and tripwire system. Deeper education on these would help me take fuller advantage of the tool.

I’ve been using NodeZero for one year.

The platform has been stable overall. It did crash our phone system once, but that was due to a Mitel vulnerability—not NodeZero itself. That incident actually led us to strengthen our firewall rules by eliminating “any-any” configurations and narrowing down allowed ports.

NodeZero is highly scalable. I have around 1,000 public IPs and about 20 internal VLANs that can be scanned. The IP-based pricing can add up, but it’s manageable and worth the investment.

Scheduling scans is simple. I run external tests every Saturday at 3:30 AM and receive detailed notifications about any issues. It gives me confidence knowing the system is being continuously evaluated.

Customer support has been excellent. The team is responsive, knowledgeable, and eager to walk me through any questions or features. I’d give them a perfect 10 out of 10.

Before NodeZero, I relied solely on manual penetration testing. The switch was driven by the need for more frequent, flexible, and cost-effective testing.

Initial setup was straightforward. I downloaded an OVA file, deployed it in Hyper-V, powered it on, and used a few simple CLI commands via SSH. Monthly maintenance is easy too—just a quick update command and it's done in seconds.

Pricing is competitive and aligns with what I paid for manual testing—but with more flexibility. Traditional pen tests usually limit you to a few subnets, while NodeZero lets me scan a much broader range without added cost.

I’d rate the NodeZero Platform a 10 out of 10. It’s a powerful, cost-effective, and reliable tool that gives me peace of mind in maintaining a secure IT environment.

We use The NodeZero Platform for its automated internal penetration testing and automated external penetration testing. We use both of them and drop tripwires in the same thing, and we also run rapid response. We don't have the highest level subscription, but we have access to a lot of it. I use it for segmentation testing. I use it to help validate vulnerabilities through vulnerability management because we use Rapid7 and CrowdStrike. I now have a three-way assessment of our vulnerabilities and which vulnerabilities actually matter. I assess the attack chain with it. We use a lot of the platform and leverage its true capabilities within our subscription.

It prevented an attack indirectly. We experienced a threat that could have severely crippled us, but we were able to shut it down before it escalated. This was possible because we had been conducting internal vulnerability testing and addressed some critical vulnerabilities using their tool. If we hadn’t done that, those vulnerabilities could have been exploited to incapacitate us. So, in real time, it protected us from a potentially crippling attack.

NodeZero's Endpoint Security Effectiveness feature significantly enhances our understanding of potential security threats. I previously used CrowdStrike and Rapid7 to identify vulnerabilities. Both highlight which vulnerabilities are exploitable using tools like Metasploit or are actively being leveraged by malicious actors. However, these tools don’t provide a complete understanding of the attack chain, which is where NodeZero excels. I encountered challenges with patch management, as we struggled to test and implement patches due to time constraints. This led to our patch management process being ineffective. After conducting an initial internal penetration test with The NodeZero Platform, we were able to clearly see the attack paths and identify critical vulnerabilities. Instead of facing a daunting list of 300 critical vulnerabilities, our team could now focus on just 30 key vulnerabilities that would effectively mitigate most of the attack vectors. As a result, we reduced our potential for significant attacks to a minimal level, thanks to NodeZero’s ability to highlight the critical pathways and prioritize the vulnerabilities that truly matter.

The NodeZero Platform is awesome. It's intuitive, easy on the eyes, and the platform and presentation are clean and crisp. The reports generated from internal or external penetration tests require little to no adjustment when I'm presenting to the C-suite. They need information that's quickly consumable so they can move on to the next task, and many other platforms just don't provide that. The reports from The NodeZero Platform deliver a clean export that can be easily copied and pasted onto a presentation. I can summarize everything in three PowerPoint slides, highlighting our current status, our goals, and what has been resolved, as well as what is still outstanding. This streamlined export is incredibly beneficial for the C-suite.

Moreover, the detailed reports not only list the vulnerabilities that matter, but they also include direct links to patches. This feature saves our team time, as we don't have to search for fixes for each vulnerability. We're a small team, servicing around 400 employees with just 12 IT personnel. So, having all vulnerabilities laid out with links to their respective fixes is immensely convenient.

This platform is truly exceptional for anyone involved in these types of scans, and I believe everyone should be conducting them regularly. With the ease of use in deploying both internal and external scan engines, even someone with minimal computer knowledge can operate it. This makes it accessible to all organizations, whether they are municipalities, government entities, or small local businesses. Being able to sign up with the company and start scanning, both internally and externally, within an hour is remarkable. You can even automate your scans on a monthly basis, along with scheduling hands-on keyboard penetration testing at least once a year. Human testers bring creativity that currently exceeds that of AI, so having that annual hands-on review is important. Many organizations neglect this practice, but the usability of this platform allows anyone to manage it. For example, my wife works as the mayor of our city, and our police chief is not very computer-savvy—he can barely open a Word document. As a test case, I plan to have him set it up to demonstrate its simplicity, as the city is considering adopting this platform. I want to see if he can manage the setup and launch, which would confirm that basic users with little computer experience can successfully execute it. Even my wife kicked off a scan and felt like a hacker, despite her limited technical skills. As someone who enjoys penetration testing and has a good amount of computer knowledge, I find using this platform not only efficient but also enjoyable.

Adding an OSINT tool would greatly improve their platform. One of the things that many vendors are pushing is identity protection, which scans the deep web for compromised credentials and identifies fake profiles of your company's leadership. Essentially, it provides an open-source intelligence view of what is happening out there and what has been compromised that attackers could potentially exploit. This service reveals which credentials and email addresses are available on the deep web, as well as which domains have been set up using typo-squatting techniques. It summarizes all this information and helps raise awareness among users. For example, if it detects that someone's credentials are exposed, it can prompt them to change their email address and passwords. If it identifies typo-squatting on certain domains, you can pass this information on to the vendors to have those domains taken down.

I have been using The NodeZero Platform for approximately two years.

I have not experienced any issues with The NodeZero Platform on their end. Occasionally the runner gets delayed, but that's due to our misconfigurations or internal issues, not their machines.

Scalability with The NodeZero Platform is straightforward. I deployed it across multiple systems - Graperoberts, Selmid, Sky Geek, and our DLC. It scales seamlessly. We currently scan approximately 1,500-2,000 assets and haven't encountered any scaling or throughput issues.

The technical support for The NodeZero Platform is exceptional. On the federal side, response times are incredibly fast - typically within five to ten minutes, with a maximum wait time of 30 minutes. Their responsiveness is remarkable.

When we were attacked, our endpoint detection and response (EDR) system was slower to respond than they were. I contacted our EDR team immediately, informing them that we were under attack and that files were being compromised. I asked for guidance on what they were seeing on the back end.

Next, I reached out to the Horizon3 team, even though I acknowledged that this wasn’t their typical area of expertise. I explained the situation and asked for their thoughts on what the next phase of the attack might be, so we could start shutting things down. Remarkably, they replied within five to ten minutes, which was an hour faster than CrowdStrike responded. Even though it wasn't their specialty, they provided valuable advice on what we should do and how to execute our response. They are truly a solid team—ethical and highly competent.

We have used alternatives to The NodeZero Platform that we found through Coalition Control, our cyber insurance company. While the alternative conveyed similar information, it functioned more as a standard vulnerability scanner. What sets The NodeZero Platform apart is the presentation of findings, making it clear and easy to understand the attack chain. The alternative tool was essentially another vulnerability scanner that could check boxes for internal and external penetration testing but didn't provide the attack chain capabilities that The NodeZero Platform does.

It's super easy. The setup takes about 30 minutes. It’s really quite simple. You log in, enter a couple of IP addresses, and hit “scan” for your external assets. I'd estimate that the external scan setup took around thirty minutes. The internal scan setup took a bit longer, probably about an hour before I could actually start scanning. I had to reach out to one of my developers, Jason, to assist because I couldn’t build it myself; I don’t have the necessary admin credentials as the InfoSec Manager. I asked Jason to create a virtual machine (VM) and install the tool for me, and after that, I was able to run it.

To summarize, it took about an hour from the time I requested help from Jason until I ran my first internal penetration test. So, we’re looking at 30 minutes for the external setup and an hour for the internal setup. However, keep in mind that we’re not a new operation—we have skilled personnel. If you're a small business that has never set up a VM before, it might take you two to three hours to follow the instructions. Unless you have a Horizon3 team member to guide you, it generally takes about an hour. Overall, it's very simple.

It couldn't be better unless it fixed the vulnerabilities automatically. I've already communicated this to them, stating, "You need to fix them for me." They have seen the issues and have the link, so I just want them to apply the patch.

If I were to rate this solution on a scale from one to ten, it would definitely be a ten.

The primary use case that we have for The NodeZero Platform is for scanning the environment and identifying vulnerabilities. The tool prioritizes vulnerabilities, focusing on the most critical ones.

It has evolved significantly over time. What sets this tool apart from others is its ability to prioritize vulnerabilities effectively. Many vulnerability management (VM) tools today provide users with extensive lists of vulnerabilities—often numbering in the thousands, with categories like four thousand critical and three thousand high. Upon deeper examination, it's common to find that more than half of those vulnerabilities aren't even exploitable. This results in overwhelming amounts of data without a clear focus on what needs immediate attention to improve security. In contrast, this tool excels at prioritizing vulnerabilities based on their relevance to attack scenarios. It analyzes specific attack chains to determine how critical each vulnerability is and assesses how frequently those vulnerabilities appear across various attack chains. By doing this, this tool can elevate the priority of certain vulnerabilities, allowing organizations to concentrate their remediation efforts on the most critical issues. A prime example of this effectiveness comes from an acquisition we conducted. The organization believed it had a robust security environment. However, after running The NodeZero Platform over a weekend, we discovered vulnerabilities that allowed for compromise in approximately 35 different ways. With other tools, addressing these vulnerabilities could have taken six to twelve months due to poor prioritization. In our case, we were able to eliminate the risk of domain compromise within one month and address all single-host vulnerabilities by the second month, all done with a small team, thanks to our precise focus on what truly mattered.

The solution’s feature that allows security teams to fix and re-test vulnerabilities instantly is fantastic. With traditional penetration tests conducted by a human, the process is very expensive. You typically get two weeks of testing, then you make your fixes, and sometimes you can get them to retest. However, often you have to pay extra, and sometimes you just don't have enough time. This results in going another year hoping or thinking that vulnerabilities are fixed, but they might not be. With Horizon3, you can immediately retest vulnerabilities, and it will clearly indicate whether or not they are still present. Probably 20 times in the last year or two, we were told something was fixed when it actually wasn’t. Sometimes it’s due to a patch not being applied correctly, or perhaps they missed adding a registry key. There could be various root causes. The ability to dig in with our team and confirm whether a vulnerability is resolved is crucial. They can go back and fix it, and sometimes that takes multiple attempts. So this functionality is really valuable.

The platform's real attack capabilities have massively helped in identifying vulnerabilities in our on-prem systems. The best litmus test I can give is that during our previous penetration tests, attackers would easily gain domain admin access. However, with Horizon3, we can prioritize vulnerabilities and address them effectively. We recently conducted our first penetration test where the testers were completely unable to gain domain admin access, which is impressive given that this was done by a well-known player in penetration testing.

In terms of NodeZero's Endpoint Security Effectiveness feature's impact on our understanding of potential security threats, looking at it from the endpoint perspective really helps us identify what needs to be done to address vulnerabilities. Once we know what those are, we can go in and fix them. It’s pretty cool.

Prioritization is really key; it's a massive differentiator. The prioritization aspect is crucial. The ability to capture or crack credentials and then use that to move laterally and identify additional vulnerabilities is significant. Their password-cracking capability is a distinct function that is very helpful.

Additionally, when a new vulnerability, such as a zero-day exploit, is identified, they review your previous scans to determine if you might be vulnerable to it, and they proactively notify you. That's a huge benefit.

Also, the fact that they provide fixes alongside all their identified vulnerabilities means you don’t have to search for fixes yourself. They give you specific actions to take, which is incredibly helpful and saves a lot of time.

One significant area to focus on is external vulnerabilities, particularly in the web application space. This often requires a greater level of human ingenuity, as it typically involves navigating a webpage, creating an account, and testing for various vulnerabilities, such as SQL injection. Adding this capability would be a valuable enhancement.

I have been using The NodeZero Platform for approximately four to five years.

The only issue we’ve encountered is that sometimes the scans take a long time to complete. This happens when a credential is identified late in the scan, leading the system to attempt that credential on all the other hosts. As a result, the scans can run longer than expected and may even cause some memory issues. Fortunately, this is a relatively easy fix; you just need to increase the amount of memory on the server. Overall, it’s a minor issue.

The NodeZero Platform has unbelievable scalability. The limiting factor is just where you have the hardware infrastructure to be able to add additional VMs. Anywhere you can put a VM, you can run another concurrent scan.

I might sound like a fanboy, but I truly have about three and a half vendors that I really like. I'm generally tough on most of my other vendors, but these particular ones stand out because they are that good. From a tech support perspective, I would say they have some of the best support compared to any of the companies I work with. Microsoft, for example, is very hit or miss. Sometimes you get an excellent support representative, but I find that about 80% of the time, the person assisting you has no idea what they're doing. As for other decent options, CrowdStrike typically provides good support, but it seems like they focus more on managing tickets from an ITIL perspective, prioritizing the speed of ticket resolution over thoroughness. Zscaler is similar in that respect; They are better than Microsoft, but the quality of support can still be somewhat inconsistent.

Overall, when it comes to The NodeZero Platform's tech support, you can reach them via a chat message on their website, and they respond almost immediately. You're quickly connected with a very knowledgeable engineer, and you receive prompt responses. They are really good.

We have used Nessus, Qualys, and Tenable as alternatives to The NodeZero Platform. We were paying for Tenable. We were paying for Qualys. We basically stopped and moved to Horizon3.

If you were looking for a super wide net of everything that you could possibly try and identify, I think the other ones might be more holistic, but their prioritization is lacking, leaving you less secure because they do not help you prioritize.

It was super easy. From initially getting it set up to running it, it took about 24 hours. The biggest time requirement is actually getting a virtual machine (VM) stood up. If you can get a Linux VM set up, that’s the hardest part of the whole process. After that, it’s really easy.

From a maintenance perspective, in terms of keeping the system healthy and functional, there isn’t much that we need to do; it pretty much runs itself. However, where we do put in work is in reviewing the outputs and determining our priorities. We then collaborate with the rest of the team, particularly on the server side, to address vulnerabilities and other issues that arise. So, while there is work involved, it’s not about maintaining the Horizon3 product itself, but rather managing the findings that we need to fix.

The benefits of The NodeZero Platform are immediate. Just having access to a list of prioritized vulnerabilities and understanding how they were exploited in various attack chains was eye-opening. You might think you have a highly secure environment, but in reality, it can be compromised easily. This insight highlighted everything that needed improvement. Honestly, it's one of the most transformational technologies we've implemented in our company.

They offer really fantastic pricing. We've been with them for a long time, so I believe we might have a special deal. However, from conversations with other peers, it seems their pricing is very competitive as well.

I would rate The NodeZero Platform a 10 out of 10.

The primary use case for the NodeZero Platform is as an extension to existing vulnerability management systems. Initially, it complemented solutions like Qualys or Tenable. However, there has been a shift towards using NodeZero to replace existing vulnerability management solutions altogether. The motivations include cost savings and addressing issues that traditional vulnerability managers might report but do not actually affect system security.

Deploying the NodeZero Platform is straightforward for me as it involves just a Docker container in a network or a network segment, saving time and eliminating the need for agents on every endpoint. Its autonomous operation, safe for production use, makes it practical to schedule pen tests during business hours. The tripwires feature acts like a honeypot, providing network alerts for potential threats. These factors make it an effective tool for enhancing security in organizations.

One of the areas where improvement is needed is in the visibility and reporting for large enterprises. The existing GUI or NodeZero insights provide better visibility, but there's still room for enhancement. Moreover, there is a need to automate interactions with other systems, particularly in triggering or opening tickets in ServiceNow. Adding the application layer would also be valuable for clients.

I have used the solution for 1.5 years.

No issues were encountered in deploying the NodeZero Platform. Once the firewalls are open and communication with the cloud is enabled, it's a matter of installing a Docker container or VMware and opening the ports for smooth operation.

I rate the stability of the NodeZero Platform a ten out of ten. We have not encountered any issues on the platform regarding accessibility, performance, or stability.

I rate the scalability of the NodeZero Platform a ten out of ten. We have conducted pen tests in environments with hundreds of thousands of IP addresses without any scalability issues. The platform is built for large scale deployment and operation.

I rate their support an eight out of ten. The support is skilled and effective, although there are sometimes delays due to bandwidth issues, possibly due to the size of the team.

Initially, NodeZero and similar solutions were used alongside existing vulnerability management solutions like Qualys or Tenable. However, there has been a shift towards replacing these existing solutions as businesses seek to address vulnerability issues more efficiently.

The initial setup is very easy, rated 10 out of 10. It involves straightforward steps of installing a Docker container, configuring firewalls, and ensuring communication with the cloud.

The deployment process involves an initial meeting with the client to choose the deployment method—either on a VMware or Docker container. This is followed by defining and setting up firewall rules. After preparing everything, deploying the Docker container or VMware takes a few minutes, and the pen test can begin.

I rate the pricing a six out of ten. Pricing is moderate compared to competitors but depends on the solutions in comparison. While cheaper than XM Cyber and human pen testers, it's more expensive than vulnerability managers.

I evaluated Pentera and XM Cyber alongside the NodeZero Platform at various points. Pentera was assessed about two years ago, and we have clients currently using XM Cyber.

I rate the NodeZero Platform an eight out of ten. The platform is scalable and stable, suitable for large enterprises and businesses. It needs improvement in areas like visibility, reporting, and automation with third-party systems. The overall product rating is eight.

To meet standards, I am required to do penetration testing periodically. This is something I can do on-demand anytime I choose, or I can set it up to recur on a recurring schedule.

The NodeZero Platform has a great cost, and its usability is straightforward. It can be deployed in the cloud. There is an on-premise container that I need to spin up to allow it to run in my environment, but it is automatically updated because it is cloud-based. It uses AI to try and gain access to my network and learns from the environment as it goes, providing a report on vulnerabilities, and demonstrates how their system exploits them to either elevate privilege or gain access to specific credentials or devices.

I haven't really come across anything that I say needs to be improved with it, other than the container runner, which tends to lose time. It does not always sync with the cloud versions, so I have to do it manually.

I have used the solution for over a year.

Initially, there were some devices that, when it scanned, it caused network issues. So I had to exclude those, but that was fairly simple to do.

I reached out to support and they were very responsive. I would rate them a nine out of ten.

I have reviewed other penetration testing solutions but haven't used them due to cost constraints, as they were really expensive compared to the NodeZero Platform.

The initial setup was simple and easy to operate.

The pricing is much more affordable than traditional penetration tests.

I have reviewed other penetration testing solutions but did not use any due to cost constraints.

I would advise taking advantage of the support when you have it. For Horizon360 NodeZero, they are always responsive. Let them show you how to use it and the best way to get the most out of it. Overall, I'd rate NodeZero at nine to 9.5 out of ten.