NodeZero® Runner
The NodeZero® Runner automates internal penetration testing, enabling you to schedule and manage recurring pentests remotely from the Portal. By deploying a Runner on your NodeZero Host, you can eliminate manual script execution and ensure consistent security assessments across your network.
What is a Runner
A NodeZero Runner is a component of your NodeZero Host that automates the deployment of the NodeZero Docker container for internal pentests. It syncs with the Horizon3.ai API to identify new pentest assignments and launches NodeZero to execute them, eliminating the need for manual intervention. The Runner acts as a bridge between your internal network and the Horizon3.ai Portal, enabling automated security testing.
When to use a Runner
Deploy a NodeZero Runner in these scenarios:
- Automate Testing: You want to streamline pentest deployment without manually running scripts on your NodeZero Host.
- Schedule Recurring Tests: You need to perform regular pentests to maintain continuous security monitoring.
- Scale Across Networks: You aim to test multiple network segments or perspectives by running multiple Runners.
Runners are designed exclusively for internal pentests. For external pentests, NodeZero is deployed automatically in the Horizon3.ai cloud.
Setting up a Runner
There are two methods to set up a NodeZero Runner, each tailored to different user needs and technical preferences. Both methods enable you to automate and schedule internal penetration tests efficiently through the Horizon3.ai Portal.
-
Easy Install Script (Recommended)
This method uses a pre-generated script from the NodeZero Portal to automate the entire setup process with a single command. It’s ideal for users who want a quick, hassle-free setup with minimal manual intervention, especially in standard environments where default settings are sufficient.
-
Manual Setup with h3-cli
This method involves a hands-on approach, giving you full control over each step of the setup process. It’s best for advanced users who need to customize the configuration or troubleshoot specific network conditions.
Both methods allow you to leverage the Runner’s capabilities for automation, including scheduling recurring pentests and monitoring results directly from the Portal.
Figure 1 - Overview of the two activation methods: Easy Install Script and Manual Setup.
Choose a setup method
Select one of the methods below to setup your NodeZero Runner.