Security Testing That Fits Your Business
Continuous attack surface mapping, automated scanning, and manual testing hours — all in one subscription. No hidden fees. SSO on every plan.
Standalone Penetration Test
No subscription needed. Configure a one-off pentest engagement and get an instant price estimate.
Scope Your PentestIncident Response
Already breached? Our IR team is available on retainer for Enterprise clients, or on-demand for anyone.
Contact Us- Single domain
- Continuous attack surface mapping
- Subdomain & OSINT reconnaissance
- Certificate monitoring
- Monthly vulnerability scan
- Isolated tenant environment
- PDF reporting
- Email alerts for critical findings
- SSO (OIDC) included
- Community support
- Everything in Recon, plus:
- Weekly automated scanning
- 1 hour manual testing/month
- 2 hours AI-augmented pentesting/month
- Vulnerability trending and history
- Scheduled scans
- API access for CI/CD
- Priority email support
- Everything in Strike, plus:
- Multi-domain coverage
- 4 hours AI-augmented pentesting/month + 1 hour manual review
- Partial code review (automated + manual)
- Custom scan profiles
- Remediation tracking & verification re-scans
- Priority email support
- Everything in Offensive, plus:
- Bundled pentest days/month
- Autonomous AI red team operations
- Red team exercises
- Incident response retainer
- Dedicated pentest team
- Dedicated account manager
- Dedicated scanning infrastructure
- Self-hosted deployment
- Isolated tenant environments
- Dedicated support
Attack Surface Mapping
Know what attackers see before they act. Continuous subdomain enumeration, exposed service detection, certificate monitoring, and OSINT-driven domain reconnaissance.
Included in every plan. Start free with a one-time scan, or get continuous monitoring from €99/month.
Feature Comparison
| Feature | Recon | Strike | Offensive | Enterprise |
|---|---|---|---|---|
| Scanning | ||||
| Domain coverage | Single domain | Single domain | Multi-domain | Unlimited |
| Attack surface mapping | Yes | Yes | Yes | Yes |
| Scan frequency | Monthly | Weekly | Weekly | Continuous |
| Isolated tenant environment | Yes | Yes | Yes | Yes |
| Custom scan profiles | — | — | Yes | Yes |
| Scheduled scans | — | Yes | Yes | Yes |
| Dedicated scanning infrastructure | — | — | — | Yes |
| Continuous Pentesting | ||||
| Included manual testing | — | 1 hr/month | 2 hrs/month | Bundled days |
| AI-powered testing | — | 2 hrs/month | 4 hrs/month | Autonomous AI ops |
| Standalone pentest engagements | Available | Available | Available | Available |
| Real-time finding tracker | Yes | Yes | Yes | Yes |
| Incident response retainer | — | — | — | Yes |
| Attack Surface Mapping | ||||
| Attack surface discovery | Yes | Yes | Yes | Yes |
| Continuous ASM monitoring | Yes | Yes | Yes | Yes |
| Subdomain & OSINT reconnaissance | Yes | Yes | Yes | Yes |
| Reporting & Analysis | ||||
| PDF reports | Yes | Yes | Yes | Yes |
| Vulnerability trending | — | Yes | Yes | Yes |
| Remediation tracking | — | — | Yes | Yes |
| Dark web monitoring | — | — | — | Yes |
| Team & Integration | ||||
| Team members | Unlimited (SSO) | Unlimited (SSO) | Unlimited (SSO) | Unlimited (SSO) |
| API access (CI/CD) | — | Yes | Yes | Yes |
| SSO (OIDC) | Yes | Yes | Yes | Yes |
| Support & Infrastructure | ||||
| Support | Community | Priority email | Priority email | Dedicated |
| Dedicated account manager | — | — | — | Yes |
| Self-hosted deployment | — | — | — | Yes |
| Isolated tenant environment | Yes | Yes | Yes | Yes |
All Plans Include
Open-source platform
Fully auditable codebase under AGPL-3.0. Self-host on your own infrastructure or use our managed service. Your data stays on your systems.
End-to-end encryption
All findings and reports encrypted at rest and in transit. Your data stays yours.
Real-time finding tracker
Every finding appears on your dashboard the moment it's discovered. No waiting for the final report.
Frequently Asked Questions
Can I upgrade or downgrade my plan at any time?
Yes. Upgrades take effect immediately with prorated billing. Downgrades apply at your next renewal date.
Where is my data stored?
On the managed service, data is stored on encrypted infrastructure. Self-hosted deployments keep all data on your own systems. Either way, you retain full control over your vulnerability data and reports.
Do you offer discounts for annual billing?
Yes. Pay annually and save 17% compared to monthly billing. Annual plans are billed upfront as a single payment.
What is Attack Surface Mapping and how does it work?
Attack Surface Mapping (ASM) continuously discovers and monitors your external-facing assets — subdomains, open ports, certificates, and exposed services. A free one-time scan is available with no account required. Continuous ASM monitoring is included in every plan, starting at €99/month with Recon.
How experienced are your testers?
Our security team has hands-on experience in web application testing, network penetration, and adversary simulation.
How does the managed pentest engagement work?
You define your scope through our guided scope wizard (targets, IP ranges, testing windows, exclusions). Our team reviews it and sends you an offer with pricing and timeline — all within the platform. Once you accept, pentesters are assigned and findings appear in your dashboard in real time. When testing is complete, you download a detailed technical report.
Can I see findings during the pentest, or only at the end?
You see findings as they are logged. Each finding appears in your client dashboard with a business-level description, technical details, impact assessment, severity rating (Extreme / High / Elevated / Moderate / Low), and remediation recommendation. You do not have to wait for the final report.
Who can see my pentest data?
Only users within your organisation and the pentesters specifically assigned to your engagement. Data is separated at the application level. Each organisation's data is only accessible to its members and assigned pentesters.
How are managed pentest engagements priced?
Offensive plan subscribers can request managed engagements priced per-engagement based on scope complexity. Enterprise plans include bundled pentest engagements at volume pricing. Automated scanning is always included in your plan subscription.