SimpleSec Offensive Security
Start free
Pricing

Three tiers. Pick the one that matches who you're testing for.

Start free with a 7-day full-access trial — up to 5 scans a day, with complete findings, evidence, and reports. Upgrade to Standard or Pro to keep scanning past day 7. Signup is self-serve — verify your work-email domain and you're testing.

Early access 80% off year one on Standard and Pro. Lock it in by signing up now.

Free

See where you stand. No card required.

$0 / 7 days

full Pro access — no card

Run real, full-capability tests against your own assets for 7 days — complete finding details, evidence, and exportable reports, exactly like Pro. After the trial your workspace goes read-only: every prior result stays accessible, you just upgrade to run new scans.

  • Full Pro capabilities for 7 days
  • Complete finding details, evidence & exportable reports
  • Up to 5 scans per 24 hours
  • Read-only after day 7 — prior scan data stays accessible
  • Verified work-email domain required at signup
  • Single user, single organization
Start free
Most popular

Standard

For internal security teams running pentests on their own org.

Early access • 80% off
$499.99 / month
$99.99 / month

for your first year

Then $499.99/mo. Lock in by signing up during early access.

Everything in Free, plus the full finding details, evidence chain, and exportable PDF / CSV / AttackForge reports. One organization. Unlimited engagements within scope.

  • Full finding details with evidence chain
  • PDF, CSV, and AttackForge report generation
  • Internal-network testing via WireGuard agent
  • Approval gates and full audit log
  • Credential capture (encrypted at rest)
  • Unlimited engagements within scope
Get started

Pro

For MSSPs, MSPs, and pentesters managing multiple clients.

Early access • 80% off
$999.99 / month
$199.99 / month

for your first year

Then $999.99/mo. Lock in by signing up during early access.

$499.99 / month
$99.99 / month

per additional customer · first year (then $499.99/mo each)

$99.99 / month

CI/CD pipeline integration · first 50 tests included

$5 per test above 50

Everything in Standard, plus multi-customer management — and the same PDF, CSV, and AttackForge reports for every customer. Base seat covers your first customer; add more at the per-customer rate below.

  • First customer organization included
  • Add more customers at the per-customer rate
  • Per-engagement network access profiles
  • Per-engagement evidence isolation
  • PDF, CSV, and AttackForge reports per customer
  • Customer-branded reports — your client's logo on every PDF
  • CI/CD pipeline integration available as add-on (API-key auto-pentests on deploy)
  • Priority support
Get started

Early-access pricing holds for a full 12 months from signup, then renews at the regular monthly rate.

Nonprofit or lower-education institution? We offer free accounts for qualified organizations. Email us →

Frequently asked

What's early access pricing?

Standard and Pro are 80% off your first year while we're in early access — Standard is $99.99/month (regularly $499.99), Pro is $199.99/month (regularly $999.99). Pro's additional customer slots are also 80% off at $99.99/month each (regularly $499.99). Lock the rate in by signing up now; it holds for a full 12 months, then renews at the regular price.

Is signup self-serve?

Yes. Free, Standard, and Pro are all self-serve. Create an account at app.simplesec.ai, verify your work-email domain, and you're testing. Paid tiers add a card during signup and start under early-access pricing automatically.

What does the Free tier actually do?

It's a 7-day full-access trial — the same pipeline and the same complete output as Pro: full finding details, evidence chain, and exportable reports, capped at 5 scans per 24 hours. When the 7 days are up your workspace goes read-only — every prior result stays fully accessible, you just upgrade to run new scans.

Why do I need a verified domain at signup?

It's how we make sure tests land on assets you actually own. After signup we send a verification link to your work email and check the domain is real. The same check applies to every tier.

Do I need permission to test?

Yes. SimpleSec is for authorized testing only. By using SimpleSec you confirm you have explicit permission from the asset owner. We log every test against audit-ready trails for exactly this reason.

Can I run pentests on internal networks?

Yes — Standard and Pro tiers include WireGuard agent-based internal testing. You drop the agent into the target environment; SimpleSec tunnels through it for AD enumeration, lateral movement validation, and the rest.

Can I plug SimpleSec into my CI/CD pipeline?

Yes — CI/CD pipeline integration is a Pro-tier add-on. For $99.99/month you get an API key your pipeline uses to trigger an auto-pentest on every code deploy, including the first 50 tests. Tests 51+ are billed at $5 each. Findings flow back into the same dashboard, evidence chain, and report exports as your manual tests.

What's the difference between Standard and Pro?

Standard is for someone testing their own organization — one org, unlimited engagements. Pro is for MSSPs, MSPs, and consultants — multi-customer management from one console with isolated engagements, evidence stores, and branded reports. Pro's first customer is included; additional customers are billed per-customer per month.

Where is my data stored?

On infrastructure operated by Summit Cyber. Sensitive material — credentials, MFA secrets, WireGuard keys — is encrypted at rest with Fernet. On-prem deployment is available for Pro-tier customers with strict data-residency requirements.

Not sure which tier fits?

Tell us what you're trying to do. We'll point you at the right one.

Talk to us See features