Continuous AI pentesting. Honest pricing.
Two offerings, two models: the KAI Platform is a subscription from €1,200/month with a 14-day free trial. Expert services — pentests, red team, audits — are scoped and quoted per engagement. Every finding ships with reproducible proof of exploitation, so your team only triages what matters.
Fixed pricing. Predictable bills.
AI-powered continuous security testing — published pricing, 14-day free trial, no per-finding charges.
These tiers cover the KAI platform subscription only. Human-led work — pentests, red team, compliance audits — is scoped per client under KAOS Services.
STARTER
For startups & small teams
Continuous AI pentesting for a single product or a small estate. Self-serve onboarding — same-day scans on common stacks.
- All 127 attack techniques
- Weekly scheduled scans + on-demand
- PDF + JSON report exports
- Slack / Teams / GitHub integrations
- MITRE ATT&CK mapping
- 3 users · email support
- 14-day free trial
PRO
Most teams pick this
Continuous AI pentesting across your full estate. Compliance-ready evidence, full API and CI/CD gating included.
- Everything in STARTER
- Daily scheduled scans + on-demand
- Compliance evidence: PCI 4.0 · ISO 27001 · SOC 2 · HIPAA · NIS2 · DORA · ENS
- All export formats (PDF · DOCX · JSON · SARIF · CSV · XLSX)
- REST + GraphQL API · webhooks · Terraform
- Risk acceptance + retest workflow
- SLA tracking + analytics dashboards
- 15 users · SAML SSO + SCIM
- 4-hour SLA · business hours
ENTERPRISE
For regulated environments
Single-tenant, on-prem or air-gapped deployments. Custom techniques, BYOK encryption and dedicated solutions support.
- Everything in PRO
- Continuous scan rotation across full estate
- Additional concurrent scan workers on request
- On-prem · air-gapped · single-tenant managed VPC
- BYOK (AWS KMS / Azure Key Vault / HSM)
- Custom MITRE techniques + custom MCP servers
- Audit log streaming (Splunk / Datadog / Elastic)
- 1-hour SLA · 24/7 emergency · dedicated CSM
- White-label reporting · auditor portal
Pricing context: KAI STARTER undercuts comparable AI pentest platforms (Pentera, NodeZero) by ~60%. KAI PRO sits at ~50% of Cobalt PtaaS Professional. Same autonomous AI agent across all tiers — only limits and integrations differ.
Compare KAI tiers
Same autonomous AI agent across all tiers. The differences are limits, integrations, deployment, and SLA.
| Feature | STARTER €1,200/mo | PRO €3,200/mo | ENTERPRISE Custom |
|---|---|---|---|
| Limits & scope | |||
| Assets included | 10 | 50 | Unlimited |
| Projects / workspaces | 1 | Unlimited | Unlimited |
| Concurrent scans (workers) | 1 | 1 | 1 (more on request) |
| Scans in queue | Unlimited | Unlimited | Unlimited |
| Scheduled scan cadence | Weekly + on-demand | Daily + on-demand | Continuous rotation |
| User seats | 3 | 15 | Unlimited |
| Manual review by OSCE3 operator | Via KAOS Services | Via KAOS Services | Via KAOS Services |
| Engine & coverage | |||
| All 127 attack techniques | Included | Included | Included |
| RAG-driven technique selection | Included | Included | Included |
| 6 MCP servers (code analysis, browser, OOB, …) | Included | Included | Included |
| Custom MITRE techniques + custom MCP servers | Not included | Not included | Included |
| Findings validated with proof of exploit | Included | Included | Included |
| Reporting & compliance | |||
| PDF + JSON exports | Included | Included | Included |
| DOCX / SARIF / CSV / XLSX exports | Not included | Included | Included |
| MITRE ATT&CK coverage matrix | Included | Included | Included |
| Compliance evidence (PCI 4.0, ISO 27001, SOC 2, HIPAA, NIS2, DORA, ENS) | Mapping only | Full evidence pack | Full evidence pack |
| White-label / custom branding | Not included | Not included | Included |
| Auditor portal (read-only watermarked access) | Not included | Included | Included |
| Triage & lifecycle | |||
| Risk acceptance workflow | Not included | Included | Included |
| Re-test management + PoC replay | Not included | Included | Included |
| Field-level change history (audit trail) | Included | Included | Included |
| SLA tracking + MTTR analytics | Not included | Included | Included |
| Integrations & API | |||
| Slack / Teams / GitHub notifications | Included | Included | Included |
| JIRA / Linear / ServiceNow / GitHub Issues | Not included | Included | Included |
| CI/CD: GitHub Actions / GitLab / Jenkins / Azure DevOps | Manual API | Included | Included |
| REST + GraphQL API | Read-only | Full | Full |
| Webhooks (HMAC signed) + delivery log | Not included | Included | Included |
| Terraform provider | Not included | Included | Included |
| Audit log streaming (Splunk / Datadog / Elastic) | Not included | Not included | Included |
| Identity & security | |||
| Email + password | Included | Included | Included |
| SAML SSO + OIDC | Not included | Included | Included |
| SCIM 2.0 user provisioning | Not included | Included | Included |
| Custom RBAC roles | Not included | Not included | Included |
| BYOK encryption (AWS KMS / Azure KV / HSM) | Not included | Not included | Included |
| Deployment & data | |||
| Multi-tenant SaaS (EU / US) | Included | Included | Included |
| Single-tenant managed VPC | Not included | Not included | Included |
| On-prem Kubernetes (Helm chart) | Not included | Not included | Included |
| Air-gapped operator | Not included | Not included | Included |
| Configurable data retention (30d–7y) | 12 months | 24 months | Configurable |
| Support & SLA | |||
| Email support | Included | Included | Included |
| Business-hours response SLA | 24h | 4h | 1h |
| 24/7 emergency response | Not included | Not included | Included |
| Dedicated Customer Success Manager | Not included | Not included | Included |
| Solutions Engineer / onboarding | Self-serve | Guided | Dedicated |
| Production SLA uptime | 99.5% | 99.9% | 99.95% |
| Quarterly business review | Not included | Included | Included |
Need a tier between PRO and ENTERPRISE? Talk to us — we'll size it to your estate.
Quality you can act on immediately
We can't promise a number of findings — that depends entirely on your environment's exposure. What we can promise is the format and rigor of every finding KAI surfaces.
- Step-by-step instructions to reproduce the issue, including captured request / response pairs.
- Severity scoring with environmental modifiers plus a plain-language business-impact summary.
- Every finding tagged with the MITRE technique it abuses and the CWE class it belongs to.
- Linked control families across PCI-DSS, ISO 27001, SOC 2, HIPAA, NIS2, DORA and ENS.
- Screenshots, OOB callbacks, tokens, payloads — everything your engineering team needs to act.
- Concrete fix recommendations, code-level when applicable, with verification steps after the patch.
KAOS Services
Human + AI engagements led by our offensive security team — pentests, red team operations, compliance audits, advisory.
KAOS vs the alternatives
Why teams pick KAOS over a traditional pentest agency or a self-hosted scanner.
| Dimension | KAOS Platform + Services | Traditional pentest agency | DIY scanner |
|---|---|---|---|
| Time to first scan | Same day — self-serve | 4–8 weeks per engagement | Minutes — output unverified |
| Cost | From €1.2k/mo (Platform) · custom (Services) | €25k–€80k+ per project | €3k–€10k/yr (hidden infra cost) |
| Coverage cadence | 24/7 continuous + deep manual | Point-in-time snapshot | Limited to known CVE signatures |
| Finding format | Every finding ships with PoC | Manual write-up, varies by analyst | CVE matches — high noise rate |
| Continuous testing | Built-in | No — re-scope each time | Scheduled scans only |
All prices in EUR, excluding VAT. Andorran entity (KAOS S.L.U) for commercial contracting; EU customers contracted via KAOS AI SECURITY, S.L. on request.
Still Have Questions?
Our team is happy to answer any questions and help you find the right plan.