ID/ VBE-PT1
INTAKEOPEN
MODE/ SCOPED
LED BY/ HUMAN
RETEST/ 30 DAYS
Scoped engagement · Human-led

The pentest report your buyer is asking for.

Our smoke test runs daily and proves what’s exploitable. A pentest is a different thing: agreed scope, rules of engagement, and an audit-grade report signed by the engineer who ran it.

Signed report · 30-day retest included · Written rules of engagement

Someone asked you for a pentest report

A scan result is not a pentest report. If any of these landed in your inbox this quarter, a smoke-test dashboard won’t close it.

Your customer’s security review

Enterprise procurement sends a questionnaire and asks for third-party testing evidence from the last twelve months. The deal stalls until you produce it.

SOC 2, ISO 27001, or an auditor

Your auditor wants scope, methodology, findings, and remediation evidence. See the compliance pentest requirements for what each framework actually asks for.

An insurer or an investor

Cyber insurance underwriting and technical due diligence both ask the same question: has an independent party tried to break this, and what happened?

Smoke test daily. Pentest when it counts.

Both are agent-driven. Both are verified by a human before you see them. They answer different questions, cost different money, and you probably want both.

[A] / SMOKE TEST · FROM $19/MO
“Did this deploy break anything?”
  • Runs continuously, re-tests every deploy
  • 310+ probes, unauthenticated and single-role
  • Findings land in Slack with a fix prompt
  • Engineer verifies before it reaches you
turnaround: ~60 seconds output: a ticket with a receipt answers: is it broken today?
[B] / PENTEST · SCOPED ENGAGEMENT
“Can a determined attacker get in, and can I prove we checked?”
  • Runs once, against a scope you signed off on
  • Authenticated, multi-role, business-logic chains
  • Findings land in an audit-grade PDF
  • Engineer leads the engagement and signs the report
turnaround: 5–10 business days output: a report your buyer accepts answers: can we sell to this customer?

Most teams start on the smoke test, fix what it proves, then book a pentest once a customer asks. Read the full scanning-vs-pentest breakdown.

The agent finds it. A person confirms it.

Autonomous agents are fast and occasionally confidently wrong. So nothing reaches you until a security engineer has reproduced it by hand — on the pentest, and on the $19 smoke test too.

1 · Agent probes

The agent maps the app and fires its probes, chaining three to five steps to reach a proven exploit. Everything it does is logged.

2 · Agent proves

Anything unproven is discarded on the spot. What survives carries a captured request, a captured response, and a replayable PoC.

3 · Engineer verifies

A human reproduces the exploit against your app, checks the severity is honest, and kills anything that doesn’t hold up. This is the step scanners skip.

4 · You get it

Only verified findings ship. That’s where the zero-false-positive number comes from — it isn’t a model claim, it’s a person’s job.

The same engineer writes the remediation guidance and, on a pentest, runs your retest. Our methodology page spells out what we look at and what we refuse to claim.

Priced per engagement. No surprises.

Every package includes scope intake, authenticated testing, sandbox exploit proofs, an audit-grade PDF, and a 30-day retest window.

ONE-OFF
ENGAGEMENT
$2,900once
One scoped pentest, one application. For the customer who asked this quarter.
  • Scope intake + rules of engagement
  • Authenticated, multi-role testing
  • Business-logic attack paths
  • Audit-grade PDF with engineer sign-off
  • 30-day retest window
BOOK A SCOPING CALL
ANNUAL
ANNUAL
$14,900/year
Four engagements plus everything procurement will ask you for.
  • Everything in Quarterly
  • Executive summary per engagement
  • 5-business-day retest SLA
  • Customer-facing attestation letter
  • Trend reporting across the year
BOOK A SCOPING CALL

Scope drives price. A single-page app and a multi-tenant marketplace are not the same engagement — the call is how we find out which you are. Just want continuous coverage? The smoke test starts at $19/mo.

What lands in your inbox

Four artifacts. Each one exists because a buyer, an auditor, or an engineer asked for it.

The report

Scope, methodology, findings by severity, remediation guidance, and the engineer’s name on the last page. Written to survive an auditor reading it.

The evidence

Per finding: the request, the response, the sandbox replay, and a cURL you can run yourself. No “possible SQL injection” hand-waving.

The fixes

Remediation written for your stack, plus a paste-ready prompt for Claude Code or Cursor. Same format as the smoke test ships.

The retest

Fix the findings, tell us, we re-run the engagement against them and issue a clean-bill letter you can forward to procurement.

Honest answers to real questions

Including the ones that are awkward for us.

Is this a real pentest or a scan with a PDF stapled to it?
An agent does the probing, a security engineer scopes the engagement, verifies every finding by hand, writes the report, and signs it. If that distinction matters to your auditor, ask them — it usually satisfies them.
HUMAN-LEDSIGNED
How is this different from the $19 smoke test?
The smoke test runs continuously and answers "did today's deploy break anything." A pentest runs once against a signed scope, goes authenticated and multi-role, and produces a document your buyer will accept. Different questions, different price.
SCOPEDONCE
How long does an engagement take?
Scoping call, then 5–10 business days to the report depending on route count, roles, and auth complexity. Retests run inside 5 business days on the Annual package.
5–10 DAYS
Do you test production?
If you want us to. Rules of engagement are agreed in writing first — destructive payloads, rate limits, blackout windows, and an abort contact. Most teams point us at staging with production-shaped data.
ROESAFE
Will my auditor accept the report?
It carries scope, methodology, dated findings, severity ratings, remediation evidence, and a named engineer — the fields SOC 2 and ISO 27001 assessors look for. Send us their template before the call and we'll tell you honestly if we cover it.
SOC 2ISO
What if you find nothing?
You get the report anyway, saying so, with the scope and the attack paths we tried. That document is the point. We don't pad severity to justify the invoice.
NO PADDING
Do I need the smoke test too?
A pentest is a photograph; your app changes every deploy. Quarterly and Annual bundle the smoke test for exactly this reason. On a one-off engagement it's a separate $19/mo.
BOTH
Who actually runs it?
A security engineer on our team, named in the report and reachable during the engagement. Not a marketplace freelancer you'll never speak to.
NAMED

Something we didn’t answer? → ask the team

Tell us the scope. We'll tell you the price.

Thirty minutes on a call. What you built, who's asking for the report, and when they need it. You leave with a fixed quote and a date.

  • ENGAGEMENT · ONE-OFF OPEN
  • QUARTERLY · 4 / YEAR OPEN
  • ANNUAL · SLA + LETTER OPEN
  • SMOKE TEST · $19/MO SELF-SERVE
FROM
$2,900 PER ENGAGEMENT · RETEST INCLUDED
BOOK A SCOPING CALL