WebApp Pentest
Max 100 endpoints, 2 RBAC roles. AI scan + human review.
- ✗ HIPAA / PCI-DSS / ISO 27001 / SOC 2
- → Standard scoping
Transparent pricing
From a $1,299 WebApp promo to full Annual Coverage. Same care at every tier.
Full AI scope across web + API + cloud surface. Human-reviewed.
Full manual engagement + 1 free re-test included.
4 Manual + 8 AI / yr. Limited Clients — application required.
Real tools. Real findings. Reviewed by a human.
| Feature | AI Pentest | Manual Pentest |
|---|---|---|
| Price (from) | $2,499 | $4,999 |
| Tooling | Custom Pentest Agent (Anthropic Cyber Verification Program) — real-world offensive tools | Hands-on by Edoardo (CPENT / LPT Master / OSCP) |
| Human review | ✓ | ✓ |
| Pentester-signed report | ✗ | ✓ |
| Valid for HIPAA / PCI-DSS / ISO 27001 / SOC 2 | ✗ | ✓ |
| Typical turnaround | 24–48 hours | 72 hours |
| Re-test included | — | 1× free re-test |
| Best for | Continuous testing, dev cycles, internal hygiene | Annual audit cycles, regulated workloads |
Indicative scope: the WebApp Pentest launch promo covers a single web application of up to ~100 endpoints and 2 RBAC roles. AI and Manual engagements scale to your environment — additional apps, APIs, cloud accounts, and user roles increase scope. Final scope, price, and turnaround are confirmed in your Rules of Engagement before any testing begins.
Volume-based
$1 per device, per scan. Scale up or down each month.
Annual Coverage — Limited Roster
Annual Coverage is application-only. We protect quality by capping the number of accounts we maintain. If you're scoping continuous offensive testing across the year, start an application.
The AI does the breadth work — running the same offensive tools a human would, in parallel, in days instead of a week. The human focus stays on judgment: filtering false positives, prioritizing severity, and contextualizing findings against your business.
Compliance frameworks (HIPAA, PCI-DSS, ISO 27001, SOC 2) require evidence of testing performed and signed by a certified pentester. Our AI reports are not pentester-signed, so they don't meet that bar. Manual Pentest does.
Annual Coverage is intake-limited each year. We'd rather have a small number of clients we know deeply than a large book where service drifts. Apply via /apply and we'll review personally.
Yes — Vulnerability Scanning is per-endpoint, per-scan ($1 each). Use the estimator above. AI Pentest and Manual Pentest are also one-off engagements.
Most engagements kick off within 1–2 weeks of scoping. Annual Coverage onboarding starts the calendar quarter after acceptance.
Always. We sign your NDA before any scoping conversation that touches sensitive details.
Next step
Most engagements start with a 5-minute scoping form. No sales call required.