Pricing
AI security testing for every team
Start free with full API access. Upgrade when you need more scans, longer retention, and team features. Every finding maps to the TRACTS framework (6 attack surfaces) with OWASP LLM Top 10 cross-references.
50 scans per month. Full API. No credit card.
Get started- 50 scans/month
- Full Scan API + webhooks
- 1 API key
- 7-day report retention
- Pass/fail CI gate
- Basic report
- Soft degrade at 50
500 scans per month. Compliance exports and team dashboard.
- 500 scans/month
- Full Scan API + webhooks
- 5 API keys
- 90-day report retention
- Detailed thresholds
- Compliance exports
- Team dashboard
- Hard cap at 500
Negotiated scan limits, 365-day retention, SSO/SAML, custom policies, and SOC 2 reports. 10+ API keys.
Compare Plans
Everything you need to secure your AI agents
| Free | Team | Enterprise | |
|---|---|---|---|
| Scans/month | 50 | 500 | Custom |
| API access | |||
| Webhooks | |||
| API keys | 1 | 5 | 10+ |
| Report retention | 7 days | 90 days | 365 days |
| CI/CD gate | Pass/fail | Detailed thresholds | Custom policies |
| Compliance exports | |||
| Team dashboard | |||
| Custom scenarios | |||
| SLA | — | — |
FAQ
Common questions about pricing and plans
What counts as a scan?
A scan is one complete agent session. When your AI agent visits attacks.ai and walks through the documentation, that counts as one scan regardless of how many probes run or pages the agent visits during that session.
What happens when I hit my scan limit?
Free tier: After 50 scans in a billing period, you get 10 additional "grace" scans that still run but return a condensed report (status + risk score, no per-finding detail). After the grace zone is used up, further scans are rejected with HTTP 429 until the next billing period.
Team tier: A hard cap applies at 500 scans. Once you reach your limit, additional scans are blocked with HTTP 429 until the next billing period. You can monitor usage from your dashboard.
What is the Scan API?
The Scan API lets you trigger and retrieve security scans programmatically. It is available on all tiers, including Free. Use it to integrate attacks.ai into your CI/CD pipeline, automation scripts, or internal tooling.
Can I cancel anytime?
Yes. Team subscriptions are month-to-month with no long-term commitment. Cancel anytime from your account dashboard and you will retain access through the end of your billing period.
What is the difference between Free and Team?
Free gives you full API access with 50 scans per month and 7-day retention. Team increases that to 500 scans with 90-day retention, adds compliance exports, a team dashboard, 5 API keys, and detailed CI/CD thresholds.
Do you offer annual pricing?
Annual billing is coming soon. If you are interested, reach out to attacks@reyse.ai and we will notify you when it launches.
How does data retention work?
Report retention determines how long your scan results remain accessible. Free tier reports are retained for 7 days, Team for 90 days, and Enterprise for 365 days. After the retention window, reports are permanently deleted.
Start testing your agents today
Full API access on every plan. No credit card required to get started.