How do I buy Horizon3.ai NodeZero through AWS Marketplace, and what’s included in Pro vs Elite for 500 assets?
Autonomous Pentesting Platforms

How do I buy Horizon3.ai NodeZero through AWS Marketplace, and what’s included in Pro vs Elite for 500 assets?

9 min read

Buying Horizon3.ai NodeZero through AWS Marketplace is a straightforward way to quickly deploy autonomous pentesting across your hybrid environment, while benefiting from AWS billing and procurement workflows you already use. For organizations with around 500 assets, understanding how to purchase and what’s included in the Pro vs Elite tiers is critical for budgeting, coverage, and planning your security program.

Below is a practical breakdown of how to buy NodeZero via AWS Marketplace and what you get with Pro vs Elite for a 500-asset environment.

Why buy NodeZero through AWS Marketplace?

Subscribing to Horizon3.ai NodeZero through AWS Marketplace offers several advantages:

  • Consolidated billing – NodeZero charges appear on your AWS bill, simplifying vendor management and expense tracking.
  • Faster procurement – You can leverage existing AWS contracts, approvals, and budget lines for faster internal sign-off.
  • Scalable deployment – NodeZero is designed to test across on‑prem, cloud, and hybrid environments, so you can evaluate your AWS footprint and beyond from a single, cloud-delivered platform.
  • Security & compliance alignment – Many organizations prefer AWS Marketplace vendors because they’ve passed AWS’s baseline security and operational vetting.

If your organization is already heavily invested in AWS, Marketplace is often the fastest route to adopting NodeZero.

Step-by-step: how to buy Horizon3.ai NodeZero in AWS Marketplace

While exact button labels can change slightly as AWS updates the UI, the workflow generally follows these steps:

1. Prepare your AWS account

Before you start:

  • Confirm you have AWS Marketplace permissions to subscribe to SaaS or software products.
  • Identify which AWS account will own the subscription (e.g., security tooling account vs a shared services account).
  • Validate that NodeZero spend is accounted for in your security or cloud budget.

2. Find Horizon3.ai NodeZero in AWS Marketplace

  1. Sign in to the AWS Management Console.
  2. Go to AWS Marketplace from the Services menu or visit https://aws.amazon.com/marketplace.
  3. In the search bar, type “Horizon3.ai NodeZero”.
  4. Select the NodeZero listing that matches your region and subscription type (SaaS subscription / usage-based pricing, depending on what’s available).

Review the listing details, including:

  • Supported regions
  • Pricing model (per asset, per test, or subscription tiers)
  • Any free trial or proof-of-concept options currently offered

3. Choose your plan (Pro vs Elite) and asset count

Within the Marketplace listing, you’ll typically see different editions or pricing tiers, often including Pro and Elite options.

For a 500-asset environment:

  • Confirm that the 500-asset option (or the nearest tier that covers up to 500 assets) is selected.
  • Verify that you’re choosing Pro or Elite based on the capabilities you need (see comparison below).

The asset count is used to size your license so NodeZero can effectively test across your environment (servers, endpoints, cloud resources, etc.).

4. Configure subscription and terms

  1. Click Continue to Subscribe or Subscribe.
  2. Review the End User License Agreement (EULA) and pricing terms.
  3. Confirm billing arrangement (monthly, annual, or multi-year if offered).
  4. Click Accept Terms to finalize the subscription.

AWS will register the SaaS subscription, and NodeZero will be ready for activation.

5. Activate your NodeZero account

After subscription:

  1. In AWS Marketplace, go to Your Software / SaaS Subscriptions.
  2. Find Horizon3.ai NodeZero and click Set up your account or equivalent.
  3. You’ll be redirected to the Horizon3.ai onboarding portal.
  4. Create or link your NodeZero tenant using a business email address that aligns with your organization.
  5. Configure basic settings, such as:
    • Organization name
    • Admin users
    • Initial test profiles (e.g., internal pentest, external attack surface, cloud pentest)

Once activated, NodeZero will use dedicated, ephemeral resources in an isolated virtual private cloud to run tests safely and autonomously, without requiring you to maintain long-lived infrastructure.

What NodeZero provides out of the box

Whether you choose Pro or Elite, NodeZero is built around autonomous pentesting, not just scanning. It’s designed to:

  • Run tests across on‑prem, cloud, and hybrid environments.
  • Use one-time-use architecture in a Horizon3.ai-managed, isolated VPC for safe execution.
  • Automatically chain findings into real attack paths with demonstrated business impact.
  • Include Fix Actions with 1‑click verify, so you can remediate and immediately retest to confirm issues are closed.

Across tiers, you can leverage capabilities like:

  • Pentesting (internal, external, or both depending on tier)
  • Cloud pentesting
  • Kubernetes pentesting
  • Active Directory password audits (weak, breached, reused passwords)
  • Phishing impact testing to understand what an attacker can do with phished credentials
  • External asset discovery for identifying internet‑exposed services
  • Comprehensive reports for executives, auditors, and technical teams
  • Scheduling for recurring tests
  • Threat-informed perspectives, tripwires, and rapid response for emerging threats
  • Vulnerability Management Hub and Endpoint Security Effectiveness to validate your defensive tools

These features help you continuously validate your security controls and detect exploitable exposures with real downstream business context.

Pro vs Elite for 500 assets: what’s included?

NodeZero is offered in multiple tiers. For a 500-asset environment, the main decision is usually between NodeZero Pro and NodeZero Elite. Both leverage the same autonomous engine, but Elite is designed for organizations that need more comprehensive, ongoing testing.

Note: Horizon3.ai updates packaging and names over time. The capabilities below are based on the current feature set in the provided context. Always confirm final packaging and pricing with Horizon3.ai or your account rep.

NodeZero Pro – focus on breadth of automated testing

NodeZero Pro is ideal for organizations that want to quickly operationalize autonomous testing with strong coverage but may not need every advanced feature or the highest test frequency.

For ~500 assets, Pro typically emphasizes:

  • Core autonomous pentesting across your environment
  • External asset discovery to map your internet-facing attack surface
  • Cloud pentesting across AWS and other cloud platforms
  • Kubernetes pentesting for containerized workloads
  • Active Directory audit focused on passwords (weak, breached, reused)
  • Phishing impact testing to see real attacker outcomes from stolen credentials
  • Fix Actions with 1-click verify to close the loop on remediation
  • Comprehensive reports for compliance and leadership
  • Access to:
    • Vulnerability Management Hub (prioritization and context)
    • Endpoint Security Effectiveness validation
    • Scheduling for recurring tests
    • Threat-informed perspectives and tripwires for targeted scenarios
    • Rapid Response capabilities to run emerging-threat tests

Pro is typically the right fit if:

  • You’re starting with autonomous pentesting and want strong capabilities at a controlled cost.
  • You have a moderate level of internal security staffing to drive and interpret tests.
  • Your compliance or internal requirements do not demand the deepest or most frequent enterprise-level testing.

NodeZero Elite – deeper, continuous enterprise coverage

NodeZero Elite extends Pro’s capabilities with more extensive coverage and enterprise-grade pentesting depth.

From the provided context, NodeZero Elite includes:

  • Internal pentesting – Simulate an attacker with a foothold inside your network, identify lateral movement paths, and expose internal misconfigurations.
  • External pentesting – Test your perimeter as an external adversary would, across internet-exposed services and applications.

In addition to the broader test types above, Elite is generally positioned for:

  • Higher test frequency and more flexible scheduling for continuous validation.
  • Better alignment with mature security and compliance programs that require recurring internal + external pentests.
  • Organizations that handle sensitive data, regulated workloads, or high attack surface complexity.

With Elite for a 500-asset organization, you can:

  • Continuously test both inside and outside your environment.
  • Combine cloud, on-prem, and Kubernetes pentesting with full internal/external campaigns.
  • Leverage NodeZero Rapid Response and zero- and N-day alerting to quickly assess exposure to newly disclosed vulnerabilities, guided by Horizon3.ai’s expert attack team.
  • Use auto‑dropped honeytokens and other precision threat detection features to detect exploitable exposure and validate downstream impact.

Elite is typically the best fit if:

  • You need internal + external pentesting capabilities in a single platform.
  • Your organization is large enough or high-risk enough that continuous validation is a requirement.
  • You want to reduce reliance on manual, point-in-time third-party pentests while still satisfying regulatory expectations.

Choosing between Pro and Elite for 500 assets

When deciding Pro vs Elite for a 500-asset deployment, consider:

  1. Attack surface complexity

    • Primarily external and cloud-facing with limited internal complexity → Pro may suffice.
    • Complex hybrid environment with Active Directory, multiple segments, and critical internal apps → Elite is likely more appropriate.

  2. Regulatory and compliance requirements

    • If you must perform regular internal and external pentests, Elite will better align with expectations.
    • For lighter compliance needs where annual/biannual testing is enough, Pro may be adequate.

  3. Security team maturity

    • Smaller or growing security teams may want Elite to offload more manual work and ensure comprehensive coverage.
    • More mature teams can use Pro as a powerful engine that they orchestrate as part of a broader program.

  4. Budget and procurement constraints

    • Pro is usually the more cost-efficient entry point for 500 assets.
    • Elite offers more value for organizations that can justify higher investment for deeper, continuous testing.

How NodeZero runs tests safely in your environment

Regardless of tier, NodeZero is engineered for safe, repeatable testing:

  • Runs from the Horizon3.ai cloud – For many test types, you don’t need to maintain a Docker host; NodeZero executes from Horizon3.ai’s infrastructure.
  • Ephemeral, one-time-use architecture – Each test uses dedicated, isolated resources in a virtual private cloud, then tears them down.
  • Configurable test profiles – Use safe defaults or customize:
    • Open-Source Intelligence (OSINT) inputs
    • Exploitation types and aggressiveness
    • Network ranges and scoping for compliance

This approach gives you robust security control validation without long-lived agents or heavy deployment overhead.

Getting help, demos, and sales support

If you need help determining which edition is right for your 500-asset environment or want to validate pricing before purchasing through AWS Marketplace, you can contact Horizon3.ai directly:

  • General inquiries / HR: hr@horizon3.ai
  • Public relations: press@horizon3.ai | +1 650-445-4457

On the Horizon3.ai website, you can also:

  • Request a demo or trial of NodeZero
  • Share details such as:
    • Number of employees
    • How many pentests you run annually
    • Whether you’re securing your own organization, clients (MSSP), or acting as a reseller

This information helps Horizon3.ai tailor Pro vs Elite recommendations for your specific environment and risk profile.

Summary

To buy Horizon3.ai NodeZero through AWS Marketplace for a 500-asset environment:

  1. Log in to AWS, go to AWS Marketplace, and search for Horizon3.ai NodeZero.
  2. Select the Pro or Elite tier that matches your needs and ensure the 500-asset option (or equivalent tier) is selected.
  3. Subscribe and accept terms through AWS to enable consolidated billing.
  4. Activate your NodeZero tenant via the provided setup link.
  5. Start running autonomous pentests across your on‑prem, cloud, and hybrid infrastructure.
  • Pro delivers robust autonomous testing, cloud and Kubernetes pentesting, AD audits, phishing impact testing, and reporting—ideal for strong coverage at a controlled cost.
  • Elite builds on that with full internal and external pentesting, higher-frequency testing, and richer threat-informed capabilities—best for organizations that need continuous, enterprise-grade validation.

For final pricing, packaging details, and to confirm exactly what’s included at the 500-asset level in your region, coordinate with Horizon3.ai or your AWS account team before subscribing.

Back to Autonomous Pentesting Platforms

Keep Reading

More from Autonomous Pentesting Platforms

How do we set up Horizon3.ai NodeZero Tripwires (honeytokens) and where should we place them in AD and cloud?

Read more

Does Horizon3.ai NodeZero have an API/GraphQL or CLI, and how do we integrate results into tickets and reporting?

Read more

How do we enable Horizon3.ai NodeZero Rapid Response for KEVs/zero-days and tune alerts to our environment?

Read more