Effortless Setup, Immediate Security Insights
What do you like best about the product?
I like that the setup for NodeZero from Horizon3.ai was easy and quick. Their team was really helpful in getting us set up properly and helped us come up with an effective game plan. The reporting feature has been good, providing quick value and insights from the platform. I appreciate being able to turn those findings over to the appropriate teams to remediate issues.
What do you dislike about the product?
We haven't found anything we wished it would do that we were wanting.
What problems is the product solving and how is that benefiting you?
I use NodeZero from Horizon3.ai for network segmentation and penetration testing. It helps validate our configurations, identify attack paths, and quickly gain insights for remediation.
Automated pen tests have strengthened security and provide detailed monthly remediation insights
What is our primary use case?
I have been using The NodeZero Platform by Horizon3.ai for about three years now.
I use The NodeZero Platform by Horizon3.ai to run scheduled penetration tests against my internal and external network resources.
I recently changed my hosting service and web hosting service, and along with that change, I decided to run another penetration test against it to ensure everything was functioning properly. I did find a vulnerability which I was able to quickly address and resolve.
I run this once a month in general, although I will run it whenever something new is introduced into my infrastructure. My monthly run reports provide me with data that I can review, and if I find anything in there that I did not see before, I can address it.
What is most valuable?
One of my favorite features of The NodeZero Platform by Horizon3.ai is the scheduling feature, which means I do not have to remember to run the penetration tests. Another feature I really appreciate is the remediation tasks that it provides. When it offers remediation guidance, it gives me steps to resolve the issue, which saves me time in determining what I need to do to remediate a certain vulnerability.
The remediation steps provided by The NodeZero Platform by Horizon3.ai are usually quite detailed and helpful. Occasionally, I will get one that does not offer a lot in the way of specific steps because the device on which it found the vulnerability is not a standard device that it recognizes. However, if it is a Windows box or Linux box, it is very good about giving me accurate information.
I believe that The NodeZero Platform by Horizon3.ai has kept me safer in a cybersecurity sense. It is one of a couple of different products I use for that purpose, but because I have cybersecurity insurance, I am required to run pen tests at least once a year. This product allows me the opportunity to run it as many times as I want, which is very beneficial because when new things are introduced into my network, I may not be able to identify these vulnerabilities until I run my next penetration test, which could be up to eleven months later.
Because I stay on top of these things, I am not usually caught off guard with a security issue that suddenly appears. I see them monthly and I do not have to generally perform any sort of emergency response that I would have had to do in the past when I had nothing in place.
What needs improvement?
I would love it if I could whitelist certain vulnerabilities that I consider not especially significant with The NodeZero Platform by Horizon3.ai. The NodeZero Platform by Horizon3.ai classifies them based on severity, and the severity for a lot of these things, such as threes, ones, and 0.01s, are generally things that I do not care too much about. I want to see them in a report when they appear the first time, but I would love it if I could simply check that one and indicate that I do not want to see a report about this one again because I am not going to take action on it.
For how long have I used the solution?
I have been working in this field for around thirty years.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai is quite stable.
What do I think about the scalability of the solution?
It is kind of difficult for me to comment on The NodeZero Platform by Horizon3.ai's scalability because I have not had to change the scale. It certainly works fine in my rather small environment, but since I have not run it in a very large network environment, I cannot really say much more than that.
How are customer service and support?
Customer support for The NodeZero Platform by Horizon3.ai is awesome. I love the chat person I work with on chat. She is always super responsive and very patient and is able to get to the bottom of my problems, which are fairly infrequent. At the beginning, there were a few little hiccups that I was causing through some misunderstanding on my part, but she was very good.
Which solution did I use previously and why did I switch?
I previously used Fortelist, an annual service that they provided to run penetration tests on my network. The reason I switched is because I wanted to be able to run penetration tests more frequently, and it simply would not have been cost-effective to do it more often than one time a year. That is the main reason for the change.
How was the initial setup?
Interestingly enough, I have used that quite a bit in the past. The last time I ran my pen test, I for whatever reason was not able to quickly retest as conveniently as before. I am not really sure why that is, and I probably should just talk with Horizon3.ai about that.
Certainly, time has been saved with The NodeZero Platform by Horizon3.ai, and I would imagine money has been saved from the previous way of doing my pen tests, which were a yearly pen test that were quite expensive to do. There has been no change in employment or employees, but as far as the licensing costs, I think that was a big win for me.
What about the implementation team?
I did not have involvement in the evaluation process. I was not the one who evaluated it; I was the one who implemented it.
What was our ROI?
I believe The NodeZero Platform by Horizon3.ai has helped reduce my pen testing costs, but I cannot tell you exactly how much as I am not the person who paid for those services. However, I believe it was a significant reduction.
What's my experience with pricing, setup cost, and licensing?
I cannot really speak to the pricing as I was not involved in the purchase of it or any of the costs. I was the one that implemented it, and for that, I give it a thumbs up—it was awesome.
Which other solutions did I evaluate?
I think everything else is fine.
What other advice do I have?
The first time you run a test with The NodeZero Platform by Horizon3.ai, be prepared to triage because you are going to find things you had no idea you had.
It is because I have not had any serious problems for a long time. I would say that the very first time I ran The NodeZero Platform by Horizon3.ai, I did find many things such as open SFTP ports, open FTP ports, and open database ports that I was able to quickly address. I would say quickly, but it took a while because the platform found so many. However, it was super helpful because I did not have a single way to find those things before.
I give this review a rating of nine.
Efficient Pen Testing with Actionable Insights
What do you like best about the product?
I like that I can schedule regular pen tests with NodeZero from Horizon3.ai. It automatically runs the tests monthly, so I don't have to remember to do them, and then it notifies me when they are complete. This feature simplifies the process for me and allows me to check the report to take necessary actions. Additionally, I appreciate that the platform provides action items and remediation advice for most vulnerabilities it finds, which saves me time by not having to figure out how to patch the problems myself. I also found the initial setup very easy, with help from their team through a Zoom session.
What do you dislike about the product?
I'd love it if we could whitelist certain vulnerabilities that we consider 'noise'. Things that are low risk (3 and below). Just as an option for us...not necessarily do that for anything it finds in that range...but if I see it, I'd like to be able to check a box that says 'don't notify me about this one again.'
What problems is the product solving and how is that benefiting you?
NodeZero from Horizon3.ai helps us identify vulnerabilities in our network. It automates pen test scheduling, so I don't have to remember to run them. It provides remediation advice for vulnerabilities, saving time by guiding me on the best ways to patch problems.
Proactive Cybersecurity Testing
What do you like best about the product?
NodeZero from Horizon3.ai impresses me with its proactive approach to cybersecurity testing. I appreciate how it automates advanced attack simulations, helping organizations identify vulnerabilities before malicious actors can exploit them. Its ease of use, comprehensive reporting, and continuous learning capabilities make it a powerful tool for strengthening security posture.
What do you dislike about the product?
One potential drawback of NodeZero from Horizon3.ai is that, like any automated security tool, it may generate false positives or overlook some nuanced vulnerabilities. Additionally, some users might find the setup or integration process complex depending on their existing infrastructure. It's important to ensure proper configuration and continuous monitoring for optimal resul
What problems is the product solving and how is that benefiting you?
NodeZero from Horizon3.ai addresses the critical problem of identifying security vulnerabilities through automated penetration testing. By simulating real-world attacks, it helps organizations proactively discover and fix weaknesses before malicious actors can exploit them. This benefits me by providing a clearer understanding of my security posture, reducing the risk of breaches, and saving time and resources compared to manual testing methods. It ultimately enhances overall cybersecurity resilience
Effortless Pentesting with Intuitive Insights
What do you like best about the product?
I like NodeZero from Horizon3.ai for its intuitive interface, which makes it easy to navigate the different sections of the portal. I also appreciate the remediation assistance it offers, as it provides steps to fix vulnerabilities. Additionally, the initial setup of NodeZero was very easy, which was a nice plus.
What do you dislike about the product?
I believe the external pentest can be improved to offer similar depth as the internal pentest. The external pentest can incorporate aspects of application vulnerability scans.
What problems is the product solving and how is that benefiting you?
I use NodeZero from Horizon3.ai to run regular internal pentests and password audits, identifying attack vectors that can exploit system vulnerabilities. The intuitive interface makes navigation easy, and remediation assistance provides steps to fix vulnerabilities.
Automated security testing has improved risk prioritization and reduced remediation efforts
What is our primary use case?
My main use case for The NodeZero Platform by Horizon3.ai includes pen testing and vulnerability management. I use The NodeZero Platform by Horizon3.ai to run weekly external and internal scans to identify configuration issues, software vulnerabilities, or misconfigurations.
How has it helped my organization?
The NodeZero Platform by Horizon3.ai has positively impacted my organization by allowing my security team to be more efficient and focus on the most valuable work at the highest criticality. My team's efficiency has improved by identifying what is truly a cybersecurity risk, allowing us to filter out vulnerabilities that are not exploitable and not worth the time and effort to remediate.
What is most valuable?
The best features The NodeZero Platform by Horizon3.ai offers include addressing security threats introduced by misconfigurations, identity, and vulnerability.
The NodeZero Platform by Horizon3.ai helps me identify security threats from misconfigurations or identity issues by conducting weekly scans of my entire environment to identify issues as an attacker would perceive them, starting from a patient zero.
What needs improvement?
The NodeZero Platform by Horizon3.ai could be improved by reducing the elapsed time from identifying a zero-day vulnerability from their QA environment to their production environment.
For how long have I used the solution?
I have been using The NodeZero Platform by Horizon3.ai for four years.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai is stable.
What do I think about the scalability of the solution?
The NodeZero Platform by Horizon3.ai is very scalable.
How are customer service and support?
The customer support is excellent.
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
What's my experience with pricing, setup cost, and licensing?
I had a very good experience with pricing, setup cost, and licensing.
Which other solutions did I evaluate?
I evaluated other options before choosing The NodeZero Platform by Horizon3.ai, specifically Pantera.
What other advice do I have?
My advice to others looking into using The NodeZero Platform by Horizon3.ai is to do yourself a favor and see what the product will find. The platform's real attack capabilities have helped in identifying vulnerabilities in my on-premises systems by allowing us to find even systems that made it off inventory; there is nowhere to hide from The NodeZero Platform by Horizon3.ai.
The NodeZero Platform by Horizon3.ai's endpoint security effectiveness feature impacts my understanding of potential security threats by allowing me to assess the efficacy of the EDR solution. The NodeZero Platform by Horizon3.ai has improved my remediation times in a meaningful way and has helped reduce my pen testing costs by approximately 25 percent. I would rate this product 8 out of 10.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
NodeZero: A Game-Changer for Prioritizing Urgent Cybersecurity Issues
What do you like best about the product?
NodeZero has been a game changer for my team, helping us focus on the most relevant and urgent cybersecurity issues affecting our specific environment.
What do you dislike about the product?
There is occasional lag when moving issues from QA to Prod.
What problems is the product solving and how is that benefiting you?
Resource constraints are a constant challenge, especially when deciding how to deploy limited time and capacity against the most pressing, highest-value work in cyber defense. Node Zero helps me do more with less by keeping my focus on what matters most.
Effortless Network Visibility and Security
What do you like best about the product?
I like that NodeZero from Horizon3.ai is pretty simple to use and straightforward to deploy and maintain. The UI or web GUI is clear and not complicated, which I appreciate. It's quite easy to use, which makes network visibility better and identifying vulnerabilities clear, helping in improving patching. The ease of setting it up is also a plus, as it literally took us just one hour to get it up and running.
What do you dislike about the product?
na
What problems is the product solving and how is that benefiting you?
NodeZero from Horizon3.ai gives us network visibility, shows how strong or weak our network is, and details vulnerabilities. It helps our network security engineers easily patch issues, enhancing our network security from a vulnerability perspective.
Unlimited Pentest Runs Make It Easy to Improve and Re-Test
What do you like best about the product?
I love that there is no limit on how many times you can run a pentest. If you find any issues you can address them and re-run the pentest for a better report.
What do you dislike about the product?
The minimum requirements for the virtual machine are not accurate when it comes to the amount of memory needed. I would recommend allocating 24GB or more to avoid out of memory errors during the pentest.
What problems is the product solving and how is that benefiting you?
Our organization has a much better security posture and more frequent pentest reports as a result of using NodeZero
Fast, Accurate, and Versatile for Multiple Penetration Testing Types
What do you like best about the product?
Speed and accuracy. Support for the multiple types of penetration testing.
What do you dislike about the product?
The installation - docker solution that can be pain in real enterprise grade networks. Customization / fine tuning is missing. Support for custom templates, custom actions.
What problems is the product solving and how is that benefiting you?
I can run multiple pentests in parallel, which helps a lot with the work that can be automated. It delivers great results in a reasonable amount of time.
