Running a Rapid Response Test

In many cases the Rapid Response Activity Cards will have a button on them to run a Rapid Response test. A Rapid Response test is a type of targeted test during which NodeZero will check for that vulnerability and attempt to exploit it benignly to assess its severity. NodeZero will not look for or report on any other vulnerabilities during a Rapid Response test. To get started, simply click on the 'Test Now' button in the upper right corner of the activity card.

Once you've clicked the 'Test Now' button you'll be brought to the Rapid Response Test page. This page is used to configure your Rapid Response test.

The first field you will see is the Rapid Response Test dropdown. It will be populated with the name of the test from the card that you clicked the 'Test Now' button on. You can however change which Rapid Response test you run by selecting a different test from the dropdown. Details from the activity card will be displayed below the selected test.

Next you will need to select the test type: Internal or External pentest.

Next add the scope you'd like to test. This could be a single IP or a block of IPs. Optionally you can provide IP(s) to exclude from the test. For External tests, you can add individual public IPs and subdomains to the scope.

If you selected an Internal test type, you'll have the option to select a runner. Runners must be pre-configured before they will be available in the dropdown.

The final step is to click on the 'Run Pentest' button. If you're running an Internal test without a runner, you'll need to copy and paste the curl one-liner onto your Docker host. External tests are launched automatically from Horizon3's cloud and require no further action.

You've started a Rapid Response Test

NodeZero sends an email once the Pentest completes.