Managing Director Chief Technology Officer And CISO at an insurance company with 51-200 employees
Real User
Top 10
Apr 14, 2026
The NodeZero Platform by Horizon3.ai could be improved by reducing the elapsed time from identifying a zero-day vulnerability from their QA environment to their production environment.
Offensive Security Analyst at a tech services company with 201-500 employees
Real User
Top 5
Mar 20, 2026
Apart from the licenses, specifically the tenant-based licenses that were mentioned, I would like to see deeper investigation of different environments in The NodeZero Platform by Horizon3.ai, especially in cloud. A proper mapping of assets and maybe some kind of map where I can actually see what devices or accounts are connected to each other would help a lot with the investigation and prioritization of things. There are missing features in The NodeZero Platform by Horizon3.ai that I would like to see included in the next release or some functionality that I would like to see enhanced in it in the future, as they have already spoken of web application testing, so that is something I am looking forward to. API testing would be nice to see. I think it is coming right after the web application testing. However, the one thing that is very much asked from us as a service provider is DAST testing, so when a company is building software, they could see their current security status while they are building the application.
Senior Manager | Manager Security Services at RISK ASSOCIATES
Real User
Top 10
Mar 17, 2026
At present, the platform is relatively rigid in how it operates and offers limited flexibility to align with individual user preferences or organisational requirements. While this structured approach has advantages in maintaining consistency, it can also be restrictive in practice. In particular, greater flexibility around reporting and risk scoring would add significant value. For example, the ability for users to adjust or contextualise vulnerability ratings based on their own environment, risk appetite, or compensating controls would make the reporting more adaptable and relevant to different use cases.
Improvements with The NodeZero Platform by Horizon3.ai are already underway; many people mention infrastructure testing is well-handled, but they seek better web application testing, which is currently in beta, as noted by their CEO, Snehal, and once it comes to market, we will demo it for our partners. Regarding the needed improvements, I think their Tripwire, Insights, and Rapid Response add-ons are good, but web application testing is what is predominantly requested, which we know is coming soon.
Chief Information Officer at a construction company with 1,001-5,000 employees
Real User
Top 20
Oct 21, 2025
One of the things that we've shared with Horizon is just the reporting. They've made a lot of changes over time, but when examining computers, most average normal people don't look at a computer and identify it as 114.82.117.180. They identify it as 'the printer for accounting.' When many of the reports give the very detailed technical IP address or serial number, that's really not helpful for anyone other than the person, the hands-on person that's trying to remediate it. All the managers, all the leaders, having information in that format isn't helpful. Being able to have information about what those devices are would be very helpful. There's a technical reason they can't just have an easy button because some people have really complicated networks. When examining things for the average company, the average executive, that 114 number, there's only one of those. But if examining an AT&T or a Walmart, it isn't unique. They haven't solved that problem. But for the 90% of companies, being able to have just a human readable name for all devices on your network in all of the reports all of the time would be the most beneficial.
Updated: April 2026.
I started with The NodeZero Platform when it was less mature. Anytime I encountered something annoying or identified a gap that needed attention, they had already fixed or added it by the time I would have requested it. The product is being rapidly developed at this stage. There really isn't anything feature-wise that I would request or change because it's a good product. It does what it claims and excels at finding issues and covering large environments so humans don't have to perform repetitive tasks for extended periods. This allows us to focus on what's important: fixing and protecting systems. If there was one thing I would change, I would want their consulting licensing to return to being unlimited.
Director of IT Security at a manufacturing company with 1,001-5,000 employees
Real User
Top 5
Sep 23, 2025
One significant area to focus on is external vulnerabilities, particularly in the web application space. This often requires a greater level of human ingenuity, as it typically involves navigating a webpage, creating an account, and testing for various vulnerabilities, such as SQL injection. Adding this capability would be a valuable enhancement.
One of the areas where improvement is needed is in the visibility and reporting for large enterprises. The existing GUI or NodeZero insights provide better visibility, but there's still room for enhancement. Moreover, there is a need to automate interactions with other systems, particularly in triggering or opening tickets in ServiceNow. Adding the application layer would also be valuable for clients.
I haven't really come across anything that I say needs to be improved with it, other than the container runner, which tends to lose time. It does not always sync with the cloud versions, so I have to do it manually.
Director, Engineering at a computer software company with 11-50 employees
Real User
Feb 23, 2024
We run the penetration testing and look at the reports. The reports are quite useless. We are looking for a different product. The tool did not help enhance our organization's cybersecurity posture. The reports had a lot of false positives. They didn't detect anything. The tool didn’t identify any vulnerabilities. The solution must detect threats and vulnerabilities.
NodeZero by Horizon3.ai is an offensive security platform that enables users to adopt an attacker’s perspective, reveal vulnerabilities, and verify defense effectiveness with evidence-backed insights. NodeZero provides autonomous pentesting, showing how attackers exploit misconfigurations, credentials, and exposures into attack paths. It helps focus on real risks rather than hypothetical ones, integrating seamlessly into existing IT and security workflows to streamline processes. The platform...
I think The NodeZero Platform could improve by leveraging GPUs for password cracking, which would be pretty good.