Our solution includes monthly penetration testing for a minimum of 100 assets. This continuous approach ensures that your environment is tested regularly, with real-world exploitation used to validate the true risk of any vulnerabilities.

If you require more frequent testing, such as weekly cycles, or have a higher asset count, the pricing adjusts accordingly. Frequency and scope are the two key factors in the overall cost of our service, due to increased resource allocation from our team.

Attack Surface Management is included in the base package for up to three cloud accounts. Our platform continuously scans your internal, external, and on-prem assets for misconfigurations and other vulnerabilities, feeding this information directly into our testing and to your team for remediation.

If your environment includes more than three cloud environments or requires expanded coverage across multiple business units or subsidiaries, pricing increases based on the number of accounts and complexity. This allows us to scale the testing effort proportionally to your attack surface.

One domain is monitored for dark web exposure under the base plan. This includes monthly scans for exposed credentials and breached data associated with your organization, which is then used as part of the testing process.

If you need coverage for additional domains, subsidiaries, business units, third-party vendors, or executives, these can be added individually. Each addition will raise the cost incrementally, allowing you to tailor monitoring to the scope of your business without paying for unneeded coverage.

Quarterly phishing assessments are included in our Penetration Testing as a Service (PTaaS) offering, with unlimited users. These campaigns are designed around your organization’s industry, threat profile, and risk tolerance, and they simulate real-world phishing techniques to uncover gaps in your human firewall.

If you need more frequent assessments or wish to include advanced tactics (such as targeted spear phishing or multi-stage payloads), those can be added à la carte. Pricing doesn’t scale based on user count, but rather on increased customization and campaign frequency.

Scheduled cadence meetings are built into our service at no additional cost. These meetings occur on a monthly basis and ensure ongoing communication between our team and yours. During these meetings, our team provides remediation guidance and helps your security team improve processes to boost overall security.

While our offering includes standard meeting intervals, organizations that require higher-touch support may request increased service levels. Unless support levels are significantly larger than standard clients, this will likely not cause increased prices.