Horizon3.ai NodeZero Platform
Excellent platform for running production safe red team attack simulations
Powerful AI-Driven VAPT That Runs with Minimal requiriements
Affordable, Comprehensive Pentesting Solution
Simple Setup, Clear Pen Test Results with Valuable Network Insights
Continuous autonomous testing has improved security posture and reduces exploitable vulnerabilities
What is our primary use case?
My main use case for The NodeZero Platform by Horizon3.ai is autonomous and continuous penetration testing.
A specific example of how I use The NodeZero Platform by Horizon3.ai for autonomous and continuous penetration testing is testing web applications for vulnerabilities as new releases come out. I run these tests weekly or depending upon when it is necessary for different applications.
What is most valuable?
The best features The NodeZero Platform by Horizon3.ai offers are ease of deployment, intuitive interface, and the extremely useful and phenomenal data that it provides as an outcome.
The interface of The NodeZero Platform by Horizon3.ai is intuitive for me because it provides us with actionable data, and it is very easy to use and straightforward, not requiring much of a learning curve to pick up.
The NodeZero Platform by Horizon3.ai has positively impacted our organization by definitely increasing our security posture significantly.
Since using The NodeZero Platform by Horizon3.ai, I have noticed specific improvements such as a decrease in identified vulnerabilities, with fewer critical and high vulnerabilities over time.
What needs improvement?
The NodeZero Platform by Horizon3.ai could be improved by speeding up the time from initializing a test to actually starting the test, as the deployment of the underlying infrastructure can take several minutes, sometimes over 10 minutes.
For how long have I used the solution?
I have been using The NodeZero Platform by Horizon3.ai for four years.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai is stable.
What do I think about the scalability of the solution?
The scalability of The NodeZero Platform by Horizon3.ai is very good.
How are customer service and support?
The customer support is very good. On a scale of 1 to 10, I would rate the customer support a 10.
Which solution did I use previously and why did I switch?
I did not use a previous solution before using The NodeZero Platform by Horizon3.ai.
What was our ROI?
I have seen a return on investment with The NodeZero Platform by Horizon3.ai but cannot share any relevant metrics.
Which other solutions did I evaluate?
I evaluated other options before choosing The NodeZero Platform by Horizon3.ai, specifically Pentera.
What other advice do I have?
My advice to others looking into using The NodeZero Platform by Horizon3.ai is to use it to its full potential, as it is very easy to use and has very powerful features; just make sure you're using them all.
Regarding The NodeZero Platform by Horizon3.ai's AI capabilities, I have no preference about its governance and security. I think its accuracy and reliability of output are very good.
The NodeZero Platform by Horizon3.ai is deployed in my organization on a public cloud, as it is a Software as a Service solution. I use AWS as my cloud provider. I did not purchase The NodeZero Platform by Horizon3.ai through the AWS Marketplace.
My impression of the solution's feature that allows security teams to fix and retest vulnerabilities instantly is that it is phenomenal.
The platform's real attack capabilities have helped in identifying actual exploitable vulnerabilities in my on-premises systems compared to a vulnerability management solution, which only gives me theoretically exploitable vulnerabilities.
The NodeZero Platform by Horizon3.ai's endpoint security effectiveness feature impacts my understanding of potential security threats by showing what can actually be exploited.
I would assess The NodeZero Platform by Horizon3.ai's impact on my organization's remediation time as very high.
The NodeZero Platform by Horizon3.ai has not necessarily reduced my penetration testing costs, but it could; however, it has certainly increased our security posture, which could essentially allow me to reduce my penetration testing costs.
I would rate this review a 10.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Effortless Penetration Testing with Easy Deployment
Fantastic Potential, But Deployment is a Struggle
Powerful, Intuitive Automated Pentesting with Fast, Actionable Insights
Performance is excellent, producing actionable insights quickly and accurately. Pricing feels reasonable as well, with a strong ROI thanks to identifying vulnerabilities before they can be exploited. Onboarding is straightforward and seamless, and it’s backed by excellent customer service. NodeZero’s AI capabilities further elevate its effectiveness by continually learning and evolving to adapt to new threats. Overall, it’s a powerful solution for proactive security management.
Cost: Although the pricing can deliver good ROI, it may still feel expensive for smaller organizations or teams working with limited budgets.
Integration Limitations: Some users may find the integration options with certain third-party tools to be limited, especially when compared to competitors.
False Positives: As with many automated testing tools, NodeZero may produce false positives, which means users may need to spend additional time validating results.
Dependency on AI: The tool’s strong reliance on AI could be a concern for organizations that prefer more manual control over their testing processes.
Continuous testing has improved security visibility and validates defenses across critical systems
What is our primary use case?
My main use cases for The NodeZero Platform by Horizon3.ai primarily focus on determining how secure our environment is. I always pitch to various customers that they need to understand how secure their environment is. Specifically, I help them assess how secure it would be if an attacker breaches into any of their critical systems such as domain controllers or systems with entire admin access.
I evaluate what lateral movements an attacker could carry out into other critical systems and critical servers in their environment, and how they could steal their crown jewels. It is essential to know all of this and see it in your environment so you can take up the necessary defense that is needed.
How has it helped my organization?
The NodeZero Platform by Horizon3.ai has impacted my company positively. Whenever we deploy anything new, either a server or a DNS server, we are able to easily conduct a quick test with The NodeZero Platform by Horizon3.ai to know how secure that server is from wherever it has been placed. This quick test has enabled us to have peace of mind knowing that we are able to identify either the security lapses that may be available or not, and we are able to get that information quickly, just with a few clicks of the button.
What is most valuable?
The features I appreciate most about The NodeZero Platform by Horizon3.ai are as follows. First, the ease of deployment is exceptional. The deployment is very easy, taking under ten minutes to complete. Second, the process of initiating a pentest is very well detailed and straightforward. A new graduate out of school can make use of this platform effectively. Third, the detailed reports are outstanding. The detailed reports make it easy for everyone involved. They have something for executives, the network team, and the vulnerability and threat team. The reports are all well detailed, so those are the three main reasons why I appreciate The NodeZero Platform by Horizon3.ai.
What needs improvement?
Improving The NodeZero Platform by Horizon3.ai should include having audit logs on the platform. For instance, if a user deletes a pentest from the platform, it would be beneficial if audit logs could show that a particular user deleted a pentest on a specific date and time. An audit log trail would be very valuable for the platform.
Second, it would be helpful to have a dashboard or feature that showcases the NodeZero runners and their download speed or whatever is being used. When you are using a runner to run a pentest, it would be beneficial to see the module logs and everything that is being run before the runner kicks off and shows up on the dashboard. If those two things could be added, it would significantly improve the platform.
For how long have I used the solution?
I have been using The NodeZero Platform by Horizon3.ai for four or more years.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai is extremely stable. Every single attack configuration is safe to run in a production live environment. All of the various attack configurations and all of the various NodeZero RAT tools and RAT modules that are injected during the pentest are safe to run. They have been tested by the NodeZero engineering teams and they are safe to run in a live environment without impacting the environment whatsoever.
They do not bring down the network, do not bring down any critical infrastructure or systems, and do not leave breadcrumbs behind on any server. I have been using the tool for four or more years and there has not been an instance whereby The NodeZero Platform by Horizon3.ai breaks anything.
What do I think about the scalability of the solution?
The scalability of The NodeZero Platform by Horizon3.ai is very good. For internal pentest, you can deploy as many Docker hosts as you want. You can also run external pentest. The platform offers various insider threats, segmentation tests, phishing tests, and PCI DSS tests. There are so many options and capabilities that The NodeZero Platform by Horizon3.ai can provide.
How are customer service and support?
The customer service and technical support of The NodeZero Platform by Horizon3.ai is a very good feature. They have online chat support and they are very quick to respond. If the chatbot cannot give you the right answer that you need, you can talk to a human who is always available to assist with whatever critical questions you may have for the tool. The chat support on the platform is very fast. Also, the support through the support channel via email is very quick to answer and very responsive, providing critical answers and critical solutions as quickly as possible.
Which solution did I use previously and why did I switch?
I have not used a different solution before choosing The NodeZero Platform by Horizon3.ai; this was my first autonomous pentest tool.
There was a time when my company conducted a proof of concept of another solution before choosing The NodeZero Platform by Horizon3.ai. I cannot remember the name of that company now, but we did not proceed with that solution. We decided to stick with The NodeZero Platform by Horizon3.ai.
How was the initial setup?
My experience with the deployment of The NodeZero Platform by Horizon3.ai is that deployment is as easy as it gets. Within ten minutes, you should be done deploying the NodeZero OVA. After your environment check is done and everything looks good, under five minutes you should have already started a pentest. The deployment is as smooth and easy as it gets.
What about the implementation team?
I did not use an integrator, reseller, or consultant for the deployment of The NodeZero Platform by Horizon3.ai.
What was our ROI?
The return on investment from The NodeZero Platform by Horizon3.ai is almost one hundred percent. While it is not replacing the role of critical pentests conducted by pentesters, the fact that you can use the platform to run as many pentests as you want depending on your license and asset count means you can test your infrastructure as often as you want and anytime you want. This makes full value of your money possible. You get full value of your money for the investment.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup cost, and licensing for The NodeZero Platform by Horizon3.ai is that since we charge by license allocation, the pricing for our MSP license is fair and very good. The pricing is great.
Which other solutions did I evaluate?
There was a time when my company conducted a proof of concept of another solution before choosing The NodeZero Platform by Horizon3.ai. I cannot remember the name of that company now, but we did not proceed with that solution. We decided to stick with The NodeZero Platform by Horizon3.ai.
What other advice do I have?
My advice or recommendation to other companies considering The NodeZero Platform by Horizon3.ai is that they should not waste time because this is a very great tool. It is a much-needed tool in your security infrastructure because it helps you to know what you can see from various segments and what an attacker can reach from whatever VLAN. It is a very good tool and it gives you full visibility. I would rate The NodeZero Platform by Horizon3.ai a nine out of ten.