My main use case for The NodeZero Platform by Horizon3.ai is C-TAM to actively scan for threats or potential threats within our environment and to help keep our environment secure. A specific example of how I have used The NodeZero Platform by Horizon3.ai for C-TAM in my environment is that we had some exposed SSH ports within a cloud provider, and we were able to clear those and close those ports up.
Horizon3.ai NodeZero Platform
Horizon3.aiExternal reviews
39 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Deep Domain Insights with a Simple Setup
What do you like best about the product?
The amount of insight it gives us into our domain with a simplified setup for in-depth results
What do you dislike about the product?
Until we renew we are on a per IP basis, not scan by hostname
What problems is the product solving and how is that benefiting you?
It is allowing us an intesive AD Password audit automation. It also allows us to find misconfigurations or unknown issues that could be used to bypass security measures.
Unlimited Automated Pentests Without Limits
What do you like best about the product?
automated and without limitations how many pentests you can do
What do you dislike about the product?
features and configuration flexibility for our environment
What problems is the product solving and how is that benefiting you?
Penetration testing our infrastructure and products
Great Automated Pentesting and Information Gathering
What do you like best about the product?
Automated process for pentesting. It is a great tool for information gathering
What do you dislike about the product?
The reports aren't the best since they do not include hostnames
What problems is the product solving and how is that benefiting you?
Securing our infrastructure/network
Continuous threat scanning has improved remediation time and strengthened executive reporting
What is our primary use case?
What is most valuable?
The best features that The NodeZero Platform by Horizon3.ai offers include the automated scans, which are great to use; you set it, scope it, and let it go, which works really well. The executive reporting feature is impactful for me as a manager, providing a strong foundation to give quarterly and yearly reports to our executives and board to see the state of our infrastructure from a security standpoint.
The level of detail and clarity in the executive reports from The NodeZero Platform by Horizon3.ai absolutely helps me communicate effectively with leadership. They are detailed enough for me to extract the necessary information tailored for the executives and to provide a broader perspective on our mitigation efforts or accepted risk stance and where additional controls exist.
The NodeZero Platform by Horizon3.ai has positively impacted my organization by giving us a better continuous picture of our security posture, what's exploitable, and what can be used against the organization. It allows us to run scans whenever needed, unlike a single third-party system that only provides a snapshot in time; our processes must be ongoing as the security landscape is dynamic.
NodeZero's endpoint security effectiveness feature impacts my understanding of potential security threats by providing a clear picture of both the external and internal landscapes within my organization, enabling me to prioritize and adjust as needed for vulnerabilities such as WordPress plugin issues or user enumerations and software code version assessments.
I have built The NodeZero Platform by Horizon3.ai into our weekly and monthly workflows for security CI/CD, and we scan our externally accessible assets every week to address anything quickly if it comes up. That includes our firewalls, websites, and anything that is an external web server, which we scan weekly, while the monthly scans are for internal systems that feed our security CI/CD pipeline, enabling us to action across and prioritize any vulnerabilities caught by The NodeZero Platform by Horizon3.ai.
What needs improvement?
The NodeZero Platform by Horizon3.ai is great, with an amazing MCP server and great API integration. I have utilized both and can vouch for their features. However, my team struggles with the onboarding side of our engagement, which should have been more robust; having a statement of work and a clear definition of success would have been beneficial. We faced challenges building the boat as we were launching without clarity on how we wanted to use the system, but that is the only constructive criticism I have for improvements.
For how long have I used the solution?
I have been using The NodeZero Platform by Horizon3.ai for six months.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai has been very stable.
What do I think about the scalability of the solution?
So far, we have not needed to scale The NodeZero Platform by Horizon3.ai much; it is effectively doing everything we need it to do, making the question of scalability somewhat irrelevant for us.
How are customer service and support?
So far, customer support for The NodeZero Platform by Horizon3.ai has been great; we appreciate the team for always answering our questions promptly and bringing in resources as necessary. I would rate customer support for The NodeZero Platform by Horizon3.ai a 10; the team has been great in responding quickly and thoroughly explaining any questions we may have.
Which solution did I use previously and why did I switch?
We did not previously use a different solution; we just had Tenable running, which is not the same as The NodeZero Platform by Horizon3.ai.
How was the initial setup?
My experience with the pricing, setup cost, and licensing of The NodeZero Platform by Horizon3.ai has been great. The sales process with Calvin and the team was excellent, leaving me very satisfied with the implementation and support from the NodeZero sales team.
What was our ROI?
Although I do not have specific metrics indicating return on investment such as fewer employees or direct savings, the main metric is that we save time because The NodeZero Platform by Horizon3.ai is scanning continuously and allows us to track remediations within the platform. Time to resolution and verification is what I focus on most, as we can quickly verify the resolution of vulnerabilities through the one-click verify feature in The NodeZero Platform by Horizon3.ai.
Which other solutions did I evaluate?
Before choosing The NodeZero Platform by Horizon3.ai, we evaluated other options including Cymulate and Rapid7, though I cannot recall the other one.
What other advice do I have?
The NodeZero Platform by Horizon3.ai is currently deployed in a public cloud, and we plan to incorporate some on-premise capabilities as we work on network segmentation to scan other sites from remote office locations or physical sites.
For our public cloud deployment of The NodeZero Platform by Horizon3.ai, we use Azure.
What we have seen as specific outcomes indicating this positive impact is that everything external on our systems scores below two, which is really good. While we have some configuration cleanup to do, everything external is very clean now, and we identified what needs to be addressed, prioritized them, and within weeks got to a very clean state externally, though we still have ongoing work internally due to some legacy systems.
The platform's real attack capabilities help in identifying vulnerabilities in our on-prem systems by reviewing our overall posture and available layers. Given our complexity with 17 different sites in Azure, we are constantly scanning across the network, realizing that our network segmentation needs improvement. Once we enhance that segmentation, we will utilize The NodeZero Platform by Horizon3.ai at one of our remote office sites to conduct scans accordingly.
I adore the feature of The NodeZero Platform by Horizon3.ai that allows security teams to fix and retest vulnerabilities instantly, as I always want to validate the efforts and diligence put forth by my team.
I assess that The NodeZero Platform by Horizon3.ai has improved our organization's remediation time because we have fewer vulnerabilities to remediate now. Initially, we had a lot of medium vulnerabilities and a few high ones, allowing us to prioritize and resolve the high risks quickly, then address the medium vulnerabilities more methodically to add value back to the organization, which we accomplished in a timely manner.
The NodeZero Platform by Horizon3.ai is great, with an amazing MCP server and great API integration. I have utilized both and can vouch for their features. However, my team struggles with the onboarding side of our engagement, which should have been more robust; having a statement of work and a clear definition of success would have been beneficial. We faced challenges building the boat as we were launching without clarity on how we wanted to use the system, but that is the only constructive criticism I have for improvements.
The NodeZero Platform by Horizon3.ai has not helped reduce our pen-testing costs; in fact, our pen-test engagement was cheaper than the cost of The NodeZero Platform by Horizon3.ai. However, the pen test occurred only once a year and provided just a snapshot of a moment in time without follow-up for remediation validation, so we appreciated it but it did not effectively portray our organization's ongoing state.
I advise others looking into using The NodeZero Platform by Horizon3.ai to buy onboarding hours and create a statement of work since building that ad hoc is not in the best interest of the organization. It is vital to define success criteria for when the onboarding process is completed and implemented.
The NodeZero Platform by Horizon3.ai does what it is advertised and does it really well, and I would rate this review a 10.
Comprehensive Security Enhancement with Stellar Onboarding
What do you like best about the product?
I definitely like the documentation and the community around NodeZero from Horizon3.ai. The sales team was great, and the presales engineer had extensive product knowledge and was willing to share as much as possible. I also really appreciate the reporting features, particularly the board or executive reports. These reports are easy to manipulate and get into our board's hands for an overall review. The onboarding process is really helpful, as it simplifies the toughest part of a new implementation and raises the team’s level of product knowledge efficiently.
What do you dislike about the product?
I think we should have bought some onboarding hours and really leaned into that. The initial setup was just okay and done ad hoc. From my team and from the NodeZero team. So I think if we'd have taken it from a more rigid plan with a statement of work and what success actually looks like. We were kinda building it on the fly. So I think it's just a solid what does success actually look like.
What problems is the product solving and how is that benefiting you?
NodeZero from Horizon3.ai gives us peace of mind by identifying system issues to address like configuration updates, software patching, and known vulnerabilities, protecting us from external and internal threats.
Automated pen tests have strengthened our security posture and reduced assessment effort
What is our primary use case?
My main use case for The NodeZero Platform by Horizon3.ai is performing quarterly pen tests on our enterprise and OT networks.
For those quarterly pen tests, we usually run them in the actual web UI interface, selecting what subnets we want to hit for pen tests, what vulnerabilities we want to use, and the whitelists that we have in place. We don't step on any sensitive devices, and then afterwards, we review the findings and remedy the problems.
What is most valuable?
The best features that The NodeZero Platform by Horizon3.ai offers include its set it and forget it type pen testing. You configure it once and then set it to automatically run during certain days, which is particularly useful, especially when you're a thin IT department.
That set-it-and-forget-it feature helps my team day-to-day by saving a lot of time, as we can set the pen test and then divert our attention to other things while the pen test is ongoing.
The NodeZero Platform by Horizon3.ai has positively impacted my organization by catching vulnerabilities and exploits that we wouldn't otherwise be able to find as easily or as quickly, so I'd say it helps better our cybersecurity posture.
What needs improvement?
The NodeZero Platform by Horizon3.ai can be improved in some ways, particularly regarding the test scan sometimes.
When the test scan doesn't work as expected, the runner sometimes acts up, and we usually have to run a command on it to fix it or sometimes reboot it. Other than that, the product works great.
For how long have I used the solution?
I have been using The NodeZero Platform by Horizon3.ai for about a year and a half.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai is stable.
What do I think about the scalability of the solution?
The scalability of The NodeZero Platform by Horizon3.ai is pretty good, as you can throw in any number of subnets in the pen test, so I'd say it's very scalable.
How are customer service and support?
We have had no issues with their customer support; it seemed pretty solid.
I would rate the customer support of The NodeZero Platform by Horizon3.ai as an eight.
Which solution did I use previously and why did I switch?
We did not have a different solution before using The NodeZero Platform by Horizon3.ai.
How was the initial setup?
I wasn't involved in the pricing, setup cost, and licensing, but I've heard that it's pretty simple and easy.
Which other solutions did I evaluate?
We did not evaluate any other options before choosing The NodeZero Platform by Horizon3.ai.
What other advice do I have?
My impression of the solution's feature that allows security teams to fix and retest vulnerabilities instantly is that it's a very useful feature, and I highly appreciate that feature.
The platform's real attack capabilities have helped in identifying vulnerabilities in my on-prem systems by giving us a real-world example of what we should be prioritizing, which helps during the vulnerability management process, so it's helped us significantly.
We don't necessarily use the endpoint security effectiveness feature; we don't really pay attention to it.
The NodeZero Platform by Horizon3.ai has reduced our pen testing costs, but I don't have a specific number.
My advice to others looking into using The NodeZero Platform by Horizon3.ai is to utilize the one-click vulnerability or rescan feature for NodeZero.
I think they're also the reseller for the product.
I would rate this solution an eight overall.
Time-Saving Penetration Testing with Ease
What do you like best about the product?
I like NodeZero from Horizon3.ai for its comprehensive nature. It effectively covers the whole network, identifying any active vulnerabilities that are being exploited. I find it extremely useful because I can set it up and then do something else while the pen test is running, which saves a lot of time.
What do you dislike about the product?
The runner sometimes acts up and we have to run some commands to get it working.
What problems is the product solving and how is that benefiting you?
I use NodeZero from Horizon3.ai for penetration testing. It saves a lot of time because I can set it up and focus on other tasks while it runs, identifying vulnerabilities across my network.
On-Demand Pen Tests and Vulnerability Scans That Transform Threat Verification
What do you like best about the product?
The ability to run on-demand penetration tests and vulnerability scans has changed how we verify whether we’ve successfully mitigated a specific threat.
What do you dislike about the product?
Often, the runner VM loses sync with NodeZero during testing and has to be restarted.
What problems is the product solving and how is that benefiting you?
Manual penetration tests are valuable, but they are point‑in‑time, expensive, and don’t keep pace with ongoing changes to the environment.
How NodeZero helps:
NodeZero provides safe, automated, and repeatable pentesting that can be run on demand or on a schedule, without agents or credentials and without disrupting production systems.
Benefit:
We now have continuous security validation and can confirm whether changes, patches, or new configurations actually reduce risk.
How NodeZero helps:
NodeZero provides safe, automated, and repeatable pentesting that can be run on demand or on a schedule, without agents or credentials and without disrupting production systems.
Benefit:
We now have continuous security validation and can confirm whether changes, patches, or new configurations actually reduce risk.
Easy to Use with Well-Structured Results
What do you like best about the product?
Ease of use and structure of information returned.
What do you dislike about the product?
Documentation can be hard to follow for first time setup and troubleshooting down the line.
What problems is the product solving and how is that benefiting you?
Tracking vulnerabilities both for the company and ongoing ones in databases around. Easily tracking vulns and listing fix actions all in one place speeds the process up.
Run Pentests Anytime with Flexible, On-Demand Testing
What do you like best about the product?
I like being able to run pentests whenever I want.
What do you dislike about the product?
There’s a small learning curve when it comes to working with the containers and customizing scripts.
What problems is the product solving and how is that benefiting you?
It’s helpful to be able to closely monitor our environment without needing a specialized staff member to perform an audit.
showing 1 - 10