NodeZero from Horizon3.ai Reviews & Product Details

I like that NodeZero behaves like a real attacker by automatically discovering, pivoting, and chaining issues, instead of simply listing vulnerabilities. It also presents clear, proven attack paths tied to business impact, so we know exactly what to prioritize and fix first. On top of that, it requires minimal setup and no agents, which makes it easier for us to move from an occasional pentest to a continuous testing cycle. Review collected by and hosted on G2.com.

At our firm, the main pain points with our NodeZero deployment have been around reporting depth, some operational friction, and the limits of scope and coverage.

From a reporting standpoint, we have found that some of the outputs are still too generic or high level when what we really need is clean, per asset detail that we can hand directly to the operations team without a lot of massaging. We do get solid attack path narratives, but if I want very granular, host by host views or highly tailored executive ready decks, I still have to augment the out of the box reports.

Finally, we have seen that results are only as good as how we scope in our environment. If we are conservative with IP ranges or segment placement, NodeZero simply can’t discover or chain certain attack paths, and the output can look underwhelming. That is not a flaw in the engine so much as a practical limitation, but it does mean we have to be intentional about scoping if we want the kind of attackers eye view we are expecting. Review collected by and hosted on G2.com.

NodeZero from Horizon3.ai impresses me with its proactive approach to cybersecurity testing. I appreciate how it automates advanced attack simulations, helping organizations identify vulnerabilities before malicious actors can exploit them. Its ease of use, comprehensive reporting, and continuous learning capabilities make it a powerful tool for strengthening security posture. Review collected by and hosted on G2.com.

One potential drawback of NodeZero from Horizon3.ai is that, like any automated security tool, it may generate false positives or overlook some nuanced vulnerabilities. Additionally, some users might find the setup or integration process complex depending on their existing infrastructure. It's important to ensure proper configuration and continuous monitoring for optimal resul Review collected by and hosted on G2.com.

NodeZero from Horizon3.ai is an impressive automated penetration testing tool built for modern cybersecurity needs. The UI/UX is intuitive and easy to navigate, so both seasoned experts and newcomers can use its features without friction. It also integrates smoothly with existing tools, which helps streamline workflows while still delivering thorough assessments.

Performance is excellent, producing actionable insights quickly and accurately. Pricing feels reasonable as well, with a strong ROI thanks to identifying vulnerabilities before they can be exploited. Onboarding is straightforward and seamless, and it’s backed by excellent customer service. NodeZero’s AI capabilities further elevate its effectiveness by continually learning and evolving to adapt to new threats. Overall, it’s a powerful solution for proactive security management. Review collected by and hosted on G2.com.

Complexity for Beginners: Even with its user-friendly UI, the more advanced features can still come with a learning curve for people who are new to penetration testing or cybersecurity.

Cost: Although the pricing can deliver good ROI, it may still feel expensive for smaller organizations or teams working with limited budgets.

Integration Limitations: Some users may find the integration options with certain third-party tools to be limited, especially when compared to competitors.

False Positives: As with many automated testing tools, NodeZero may produce false positives, which means users may need to spend additional time validating results.

Dependency on AI: The tool’s strong reliance on AI could be a concern for organizations that prefer more manual control over their testing processes. Review collected by and hosted on G2.com.

I definitely like the documentation and the community around NodeZero from Horizon3.ai. The sales team was great, and the presales engineer had extensive product knowledge and was willing to share as much as possible. I also really appreciate the reporting features, particularly the board or executive reports. These reports are easy to manipulate and get into our board's hands for an overall review. The onboarding process is really helpful, as it simplifies the toughest part of a new implementation and raises the team’s level of product knowledge efficiently. Review collected by and hosted on G2.com.

I think we should have bought some onboarding hours and really leaned into that. The initial setup was just okay and done ad hoc. From my team and from the NodeZero team. So I think if we'd have taken it from a more rigid plan with a statement of work and what success actually looks like. We were kinda building it on the fly. So I think it's just a solid what does success actually look like. Review collected by and hosted on G2.com.

I like that I can schedule regular pen tests with NodeZero from Horizon3.ai. It automatically runs the tests monthly, so I don't have to remember to do them, and then it notifies me when they are complete. This feature simplifies the process for me and allows me to check the report to take necessary actions. Additionally, I appreciate that the platform provides action items and remediation advice for most vulnerabilities it finds, which saves me time by not having to figure out how to patch the problems myself. I also found the initial setup very easy, with help from their team through a Zoom session. Review collected by and hosted on G2.com.

I'd love it if we could whitelist certain vulnerabilities that we consider 'noise'. Things that are low risk (3 and below). Just as an option for us...not necessarily do that for anything it finds in that range...but if I see it, I'd like to be able to check a box that says 'don't notify me about this one again.' Review collected by and hosted on G2.com.

The ability to run on-demand penetration tests and vulnerability scans has changed how we verify whether we’ve successfully mitigated a specific threat. Review collected by and hosted on G2.com.

Often, the runner VM loses sync with NodeZero during testing and has to be restarted. Review collected by and hosted on G2.com.

I really appreciate using NodeZero from Horizon3.ai for its capability to run continuous pen testing on our internal and external environments. It does a fantastic job of identifying security vulnerabilities and prioritizing them, enabling us to focus on remediation efforts with minimal effort but maximum impact. I love the ability to validate that fixes are successfully implemented, which helps keep the environment secure. NodeZero effectively improves the security of the entire organization by listing vulnerabilities and increasing their severity based on their role in attack chains. The continuous testing feature is huge for rerunning tests after fixes and consistently staying updated with new features. It's a big improvement compared to traditional pen tests, which are less frequent. The prioritization aspect helps our understaffed security team focus on the most critical vulnerabilities rather than on raw numbers of critical or high vulnerabilities, which aren’t always exploitable. Plus, Horizon3.ai's team was great at helping us set up the initial scans, allowing us to be up and running in less than 24 hours. Review collected by and hosted on G2.com.

I really don't have any significant issues with NodeZero from Horizon3.ai. Because of our near continuous pen testing, we sometimes have scans that will run a little bit longer and overrun the start time of the next scheduled scan. But that is a relatively easy fix. Review collected by and hosted on G2.com.

I love that there is no limit on how many times you can run a pentest. If you find any issues you can address them and re-run the pentest for a better report. Review collected by and hosted on G2.com.

The minimum requirements for the virtual machine are not accurate when it comes to the amount of memory needed. I would recommend allocating 24GB or more to avoid out of memory errors during the pentest. Review collected by and hosted on G2.com.

I like NodeZero from Horizon3.ai for its intuitive interface, which makes it easy to navigate the different sections of the portal. I also appreciate the remediation assistance it offers, as it provides steps to fix vulnerabilities. Additionally, the initial setup of NodeZero was very easy, which was a nice plus. Review collected by and hosted on G2.com.

I believe the external pentest can be improved to offer similar depth as the internal pentest. The external pentest can incorporate aspects of application vulnerability scans. Review collected by and hosted on G2.com.

I like that NodeZero from Horizon3.ai is pretty simple to use and straightforward to deploy and maintain. The UI or web GUI is clear and not complicated, which I appreciate. It's quite easy to use, which makes network visibility better and identifying vulnerabilities clear, helping in improving patching. The ease of setting it up is also a plus, as it literally took us just one hour to get it up and running. Review collected by and hosted on G2.com.

na Review collected by and hosted on G2.com.