SimpleSec
Request access
Pricing

Three tiers. Pick the one that matches who you're testing for.

Start free to see what SimpleSec finds. Upgrade when you need the full evidence and reports. Onboarding is manual right now — we'll make sure your scope is right before you ever spend a credit.

Free

Run a real scan. See where you stand.

$0 forever

Get a feel for what SimpleSec finds. Scans run end-to-end and you see opportunities — but the full finding details, evidence, and reports unlock on a paid tier.

  • Full pentest workflow runs end-to-end against your assets
  • Opportunities surfaced, grouped by attack category
  • Severity rollup (critical / high / medium / low)
  • Single user, single organization
Get started
Most popular

Member

For internal security teams running pentests on their own org.

Contact us per organization

Everything in Free, plus the full finding details, evidence chain, and exportable reports. One organization. Unlimited engagements within scope.

  • Full finding details with evidence chain
  • Structured PDF and CSV reports
  • AttackForge export
  • Internal-network scanning via WireGuard agent
  • Approval gates and full audit log
  • Credential capture (encrypted at rest)
Talk to us

Consultant

For pentesters and MSPs running engagements for many clients.

Contact us per consultant

Everything in Member, plus multi-organization management. One console, isolated engagements, separate evidence stores, branded deliverables.

  • Manage multiple client organizations
  • Per-engagement network access profiles
  • Per-engagement evidence isolation
  • Branded report exports
  • Priority support
  • Everything in the Member tier
Talk to us

Pricing for paid tiers is set during onboarding based on scope and engagement count. Stripe self-serve coming soon.

Frequently asked

Why is signup not self-serve yet?

We onboard every account manually right now so we can verify your scope and set up the right network access. Stripe-based self-serve is on the roadmap once the manual flow is dialed in.

What does the Free tier actually do?

It runs the same scan pipeline as the paid tiers — recon, enumeration, validation. You'll see what SimpleSec found in terms of opportunities and severities, but the per-finding details, evidence, and exportable reports are gated until you upgrade.

Do I need permission to test?

Yes. SimpleSec is for authorized testing only. By using SimpleSec you confirm you have explicit permission from the asset owner. We log every scan against audit-ready trails for exactly this reason.

Can I run pentests on internal networks?

Yes — Member and Consultant tiers include WireGuard agent-based internal scanning. You drop the agent into the target environment; SimpleSec tunnels through it for AD enumeration, lateral movement validation, and the rest.

What's the difference between Member and Consultant?

Member is for someone testing their own organization. Consultant lets you manage multiple client organizations from one console with isolated engagements, evidence stores, and branded reports.

Where is my data stored?

On infrastructure operated by Summit Cyber. Sensitive material — credentials, MFA secrets, WireGuard keys — is encrypted at rest with Fernet. On-prem deployment is available for Consultant-tier customers with strict data-residency requirements.

Not sure which tier fits?

Tell us what you're trying to do. We'll point you at the right one.

Talk to us See features