Stop guessing.
Scope with intelligence.

The estimation engine for penetration testing teams. Turn scoping into a repeatable, defensible, data-driven process — calibrated against a growing internal dataset of real engagements.

Run an estimate View the dashboard

Engagement · ACME-772-B

Banking portal — Web + API

Verified

84% confidence

Total effort

22.4MD

Technical

15.6MD

Compliance

3.5MD

Reporting

3.3MD

Complex RBAC matrix (5 roles + tenant isolation)+3.0 MD

Financial transaction workflows (race conditions)+4.0 MD

GraphQL schema — manual depth & introspection+2.0 MD

Three orthogonal axes of effort.

Real-world pentest effort is never one number. Technical testing, compliance mapping, and reporting are modelled as independent dimensions — because that's how delivery actually works.

Technical

Scales with attack surface, RBAC depth, multi-tenancy, financial workflows, GraphQL, and AI features.

Compliance

Mapped per framework — OWASP ASVS, PCI DSS, DORA, ISO 27001, NIS2, SOC 2 — with evidence depth as the driver.

Reporting

Scales with audience, remediation detail, and retest scope. Small ≠ simple.

400+

Reference engagements

Pentest categories

Compliance frameworks

Complexity signals

Scope your next engagement in 90 seconds.

No setup. No login required. Generate an explainable, defensible estimate now.

Launch the wizard

Stop guessing.Scope with intelligence.

Banking portal — Web + API

Three orthogonal axes of effort.

Technical

Compliance

Reporting

Scope your next engagement in 90 seconds.

Stop guessing.
Scope with intelligence.