My main use case for The NodeZero Platform by Horizon3.ai is C-TAM to actively scan for threats or potential threats within our environment and to help keep our environment secure. A specific example of how I have used The NodeZero Platform by Horizon3.ai for C-TAM in my environment is that we had some exposed SSH ports within a cloud provider, and we were able to clear those and close those ports up.
Horizon3.ai NodeZero Platform
Horizon3.aiExternal reviews
39 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Deep Domain Insights with a Simple Setup
What do you like best about the product?
The amount of insight it gives us into our domain with a simplified setup for in-depth results
What do you dislike about the product?
Until we renew we are on a per IP basis, not scan by hostname
What problems is the product solving and how is that benefiting you?
It is allowing us an intesive AD Password audit automation. It also allows us to find misconfigurations or unknown issues that could be used to bypass security measures.
Continuous threat scanning has improved remediation time and strengthened executive reporting
What is our primary use case?
What is most valuable?
The best features that The NodeZero Platform by Horizon3.ai offers include the automated scans, which are great to use; you set it, scope it, and let it go, which works really well. The executive reporting feature is impactful for me as a manager, providing a strong foundation to give quarterly and yearly reports to our executives and board to see the state of our infrastructure from a security standpoint.
The level of detail and clarity in the executive reports from The NodeZero Platform by Horizon3.ai absolutely helps me communicate effectively with leadership. They are detailed enough for me to extract the necessary information tailored for the executives and to provide a broader perspective on our mitigation efforts or accepted risk stance and where additional controls exist.
The NodeZero Platform by Horizon3.ai has positively impacted my organization by giving us a better continuous picture of our security posture, what's exploitable, and what can be used against the organization. It allows us to run scans whenever needed, unlike a single third-party system that only provides a snapshot in time; our processes must be ongoing as the security landscape is dynamic.
NodeZero's endpoint security effectiveness feature impacts my understanding of potential security threats by providing a clear picture of both the external and internal landscapes within my organization, enabling me to prioritize and adjust as needed for vulnerabilities such as WordPress plugin issues or user enumerations and software code version assessments.
I have built The NodeZero Platform by Horizon3.ai into our weekly and monthly workflows for security CI/CD, and we scan our externally accessible assets every week to address anything quickly if it comes up. That includes our firewalls, websites, and anything that is an external web server, which we scan weekly, while the monthly scans are for internal systems that feed our security CI/CD pipeline, enabling us to action across and prioritize any vulnerabilities caught by The NodeZero Platform by Horizon3.ai.
What needs improvement?
The NodeZero Platform by Horizon3.ai is great, with an amazing MCP server and great API integration. I have utilized both and can vouch for their features. However, my team struggles with the onboarding side of our engagement, which should have been more robust; having a statement of work and a clear definition of success would have been beneficial. We faced challenges building the boat as we were launching without clarity on how we wanted to use the system, but that is the only constructive criticism I have for improvements.
For how long have I used the solution?
I have been using The NodeZero Platform by Horizon3.ai for six months.
What do I think about the stability of the solution?
The NodeZero Platform by Horizon3.ai has been very stable.
What do I think about the scalability of the solution?
So far, we have not needed to scale The NodeZero Platform by Horizon3.ai much; it is effectively doing everything we need it to do, making the question of scalability somewhat irrelevant for us.
How are customer service and support?
So far, customer support for The NodeZero Platform by Horizon3.ai has been great; we appreciate the team for always answering our questions promptly and bringing in resources as necessary. I would rate customer support for The NodeZero Platform by Horizon3.ai a 10; the team has been great in responding quickly and thoroughly explaining any questions we may have.
Which solution did I use previously and why did I switch?
We did not previously use a different solution; we just had Tenable running, which is not the same as The NodeZero Platform by Horizon3.ai.
How was the initial setup?
My experience with the pricing, setup cost, and licensing of The NodeZero Platform by Horizon3.ai has been great. The sales process with Calvin and the team was excellent, leaving me very satisfied with the implementation and support from the NodeZero sales team.
What was our ROI?
Although I do not have specific metrics indicating return on investment such as fewer employees or direct savings, the main metric is that we save time because The NodeZero Platform by Horizon3.ai is scanning continuously and allows us to track remediations within the platform. Time to resolution and verification is what I focus on most, as we can quickly verify the resolution of vulnerabilities through the one-click verify feature in The NodeZero Platform by Horizon3.ai.
Which other solutions did I evaluate?
Before choosing The NodeZero Platform by Horizon3.ai, we evaluated other options including Cymulate and Rapid7, though I cannot recall the other one.
What other advice do I have?
The NodeZero Platform by Horizon3.ai is currently deployed in a public cloud, and we plan to incorporate some on-premise capabilities as we work on network segmentation to scan other sites from remote office locations or physical sites.
For our public cloud deployment of The NodeZero Platform by Horizon3.ai, we use Azure.
What we have seen as specific outcomes indicating this positive impact is that everything external on our systems scores below two, which is really good. While we have some configuration cleanup to do, everything external is very clean now, and we identified what needs to be addressed, prioritized them, and within weeks got to a very clean state externally, though we still have ongoing work internally due to some legacy systems.
The platform's real attack capabilities help in identifying vulnerabilities in our on-prem systems by reviewing our overall posture and available layers. Given our complexity with 17 different sites in Azure, we are constantly scanning across the network, realizing that our network segmentation needs improvement. Once we enhance that segmentation, we will utilize The NodeZero Platform by Horizon3.ai at one of our remote office sites to conduct scans accordingly.
I adore the feature of The NodeZero Platform by Horizon3.ai that allows security teams to fix and retest vulnerabilities instantly, as I always want to validate the efforts and diligence put forth by my team.
I assess that The NodeZero Platform by Horizon3.ai has improved our organization's remediation time because we have fewer vulnerabilities to remediate now. Initially, we had a lot of medium vulnerabilities and a few high ones, allowing us to prioritize and resolve the high risks quickly, then address the medium vulnerabilities more methodically to add value back to the organization, which we accomplished in a timely manner.
The NodeZero Platform by Horizon3.ai is great, with an amazing MCP server and great API integration. I have utilized both and can vouch for their features. However, my team struggles with the onboarding side of our engagement, which should have been more robust; having a statement of work and a clear definition of success would have been beneficial. We faced challenges building the boat as we were launching without clarity on how we wanted to use the system, but that is the only constructive criticism I have for improvements.
The NodeZero Platform by Horizon3.ai has not helped reduce our pen-testing costs; in fact, our pen-test engagement was cheaper than the cost of The NodeZero Platform by Horizon3.ai. However, the pen test occurred only once a year and provided just a snapshot of a moment in time without follow-up for remediation validation, so we appreciated it but it did not effectively portray our organization's ongoing state.
I advise others looking into using The NodeZero Platform by Horizon3.ai to buy onboarding hours and create a statement of work since building that ad hoc is not in the best interest of the organization. It is vital to define success criteria for when the onboarding process is completed and implemented.
The NodeZero Platform by Horizon3.ai does what it is advertised and does it really well, and I would rate this review a 10.
Comprehensive Security Enhancement with Stellar Onboarding
What do you like best about the product?
I definitely like the documentation and the community around NodeZero from Horizon3.ai. The sales team was great, and the presales engineer had extensive product knowledge and was willing to share as much as possible. I also really appreciate the reporting features, particularly the board or executive reports. These reports are easy to manipulate and get into our board's hands for an overall review. The onboarding process is really helpful, as it simplifies the toughest part of a new implementation and raises the team’s level of product knowledge efficiently.
What do you dislike about the product?
I think we should have bought some onboarding hours and really leaned into that. The initial setup was just okay and done ad hoc. From my team and from the NodeZero team. So I think if we'd have taken it from a more rigid plan with a statement of work and what success actually looks like. We were kinda building it on the fly. So I think it's just a solid what does success actually look like.
What problems is the product solving and how is that benefiting you?
NodeZero from Horizon3.ai gives us peace of mind by identifying system issues to address like configuration updates, software patching, and known vulnerabilities, protecting us from external and internal threats.
On-Demand Pen Tests and Vulnerability Scans That Transform Threat Verification
What do you like best about the product?
The ability to run on-demand penetration tests and vulnerability scans has changed how we verify whether we’ve successfully mitigated a specific threat.
What do you dislike about the product?
Often, the runner VM loses sync with NodeZero during testing and has to be restarted.
What problems is the product solving and how is that benefiting you?
Manual penetration tests are valuable, but they are point‑in‑time, expensive, and don’t keep pace with ongoing changes to the environment.
How NodeZero helps:
NodeZero provides safe, automated, and repeatable pentesting that can be run on demand or on a schedule, without agents or credentials and without disrupting production systems.
Benefit:
We now have continuous security validation and can confirm whether changes, patches, or new configurations actually reduce risk.
How NodeZero helps:
NodeZero provides safe, automated, and repeatable pentesting that can be run on demand or on a schedule, without agents or credentials and without disrupting production systems.
Benefit:
We now have continuous security validation and can confirm whether changes, patches, or new configurations actually reduce risk.
Easy to Use with Well-Structured Results
What do you like best about the product?
Ease of use and structure of information returned.
What do you dislike about the product?
Documentation can be hard to follow for first time setup and troubleshooting down the line.
What problems is the product solving and how is that benefiting you?
Tracking vulnerabilities both for the company and ongoing ones in databases around. Easily tracking vulns and listing fix actions all in one place speeds the process up.
Effortless Setup, Immediate Security Insights
What do you like best about the product?
I like that the setup for NodeZero from Horizon3.ai was easy and quick. Their team was really helpful in getting us set up properly and helped us come up with an effective game plan. The reporting feature has been good, providing quick value and insights from the platform. I appreciate being able to turn those findings over to the appropriate teams to remediate issues.
What do you dislike about the product?
We haven't found anything we wished it would do that we were wanting.
What problems is the product solving and how is that benefiting you?
I use NodeZero from Horizon3.ai for network segmentation and penetration testing. It helps validate our configurations, identify attack paths, and quickly gain insights for remediation.
Efficient Pen Testing with Actionable Insights
What do you like best about the product?
I like that I can schedule regular pen tests with NodeZero from Horizon3.ai. It automatically runs the tests monthly, so I don't have to remember to do them, and then it notifies me when they are complete. This feature simplifies the process for me and allows me to check the report to take necessary actions. Additionally, I appreciate that the platform provides action items and remediation advice for most vulnerabilities it finds, which saves me time by not having to figure out how to patch the problems myself. I also found the initial setup very easy, with help from their team through a Zoom session.
What do you dislike about the product?
I'd love it if we could whitelist certain vulnerabilities that we consider 'noise'. Things that are low risk (3 and below). Just as an option for us...not necessarily do that for anything it finds in that range...but if I see it, I'd like to be able to check a box that says 'don't notify me about this one again.'
What problems is the product solving and how is that benefiting you?
NodeZero from Horizon3.ai helps us identify vulnerabilities in our network. It automates pen test scheduling, so I don't have to remember to run them. It provides remediation advice for vulnerabilities, saving time by guiding me on the best ways to patch problems.
Effortless Network Visibility and Security
What do you like best about the product?
I like that NodeZero from Horizon3.ai is pretty simple to use and straightforward to deploy and maintain. The UI or web GUI is clear and not complicated, which I appreciate. It's quite easy to use, which makes network visibility better and identifying vulnerabilities clear, helping in improving patching. The ease of setting it up is also a plus, as it literally took us just one hour to get it up and running.
What do you dislike about the product?
na
What problems is the product solving and how is that benefiting you?
NodeZero from Horizon3.ai gives us network visibility, shows how strong or weak our network is, and details vulnerabilities. It helps our network security engineers easily patch issues, enhancing our network security from a vulnerability perspective.
Unlimited Pentest Runs Make It Easy to Improve and Re-Test
What do you like best about the product?
I love that there is no limit on how many times you can run a pentest. If you find any issues you can address them and re-run the pentest for a better report.
What do you dislike about the product?
The minimum requirements for the virtual machine are not accurate when it comes to the amount of memory needed. I would recommend allocating 24GB or more to avoid out of memory errors during the pentest.
What problems is the product solving and how is that benefiting you?
Our organization has a much better security posture and more frequent pentest reports as a result of using NodeZero
Revolutionized Our Security with Continuous Pen Testing
What do you like best about the product?
I really appreciate using NodeZero from Horizon3.ai for its capability to run continuous pen testing on our internal and external environments. It does a fantastic job of identifying security vulnerabilities and prioritizing them, enabling us to focus on remediation efforts with minimal effort but maximum impact. I love the ability to validate that fixes are successfully implemented, which helps keep the environment secure. NodeZero effectively improves the security of the entire organization by listing vulnerabilities and increasing their severity based on their role in attack chains. The continuous testing feature is huge for rerunning tests after fixes and consistently staying updated with new features. It's a big improvement compared to traditional pen tests, which are less frequent. The prioritization aspect helps our understaffed security team focus on the most critical vulnerabilities rather than on raw numbers of critical or high vulnerabilities, which aren’t always exploitable. Plus, Horizon3.ai's team was great at helping us set up the initial scans, allowing us to be up and running in less than 24 hours.
What do you dislike about the product?
I really don't have any significant issues with NodeZero from Horizon3.ai. Because of our near continuous pen testing, we sometimes have scans that will run a little bit longer and overrun the start time of the next scheduled scan. But that is a relatively easy fix.
What problems is the product solving and how is that benefiting you?
I use NodeZero from Horizon3.ai for continuous pen testing, identifying security vulnerabilities efficiently, and prioritizing remediation efforts for maximum value. It solves the issue of infrequent traditional tests and helps focus on critical vulnerabilities, improving overall security.
showing 1 - 10