At Horizon3.ai, transparency and security go hand in hand. This overview explains how the NodeZero® Offensive Security Platform protects your data during a penetration test: from launch to teardown. A more detailed version is available under NDA.
- NodeZero interacts only with data necessary to assess real risk, never collecting unrelated information.
- Raw logs are retained for up to 5 business days in an internal S3 bucket for post-test troubleshooting by a small group of highly privileged engineers.
- Credentials are processed in memory or temporary containers and securely scrubbed after use.
- All communications are encrypted in transit and at rest, with strict access controls enforced through Okta and MFA.
- No sensitive data leaves your environment without explicit authorization.
Download the Data Handling Factsheet to learn more about our processes and safeguards.