root@artais:~$ ./run --mode continuous --target external
Always On.Always Assessing.
Proof·Progress·Productivity
// The Security Gap No One Talks About
The window is open right now.
52%
Of Breaches Exploit Known Vulnerabilities
Annual pen tests leave an 11-month window where new exposures go undetected. Attackers don't wait for your next engagement.
197
Days Average Time to Detect a Breach
Weekly automated testing cuts detection time from months to days. Exposures are found and reported before they become incidents.
What happened in the last 11 months that you don't know about?
// Service Tiers
What You Get
Tier 01
Automated Assessment
- Weekly external perimeter monitoring
- Event-driven scanning: new assets, new CVEs, deployments
- Breach credential monitoring against your domains
- ATT&CK coverage heatmap — know what you tested
- Compliance-ready audit documentation
Tier 02
Continuous Coverage
Most Popular
- Everything in Tier 01
- Monthly curated findings brief — not a raw scan dump
- Monthly validation sprint with a named practitioner
- Ticketing integration with your engineering workflow
- AI Compromise Techniques
- 30-day risk trend and executive-ready reporting
Tier 03
Dedicated Practitioner
- Everything in Tier 02
- Named senior practitioner — dedicated monthly hours
- Internal network and cloud environment coverage
- Quarterly adversary simulation — full kill-chain scenarios
- Business logic flaw testing (unscannable by automation)
- Practitioner on retainer: Q&A, architecture reviews
- Board-ready risk narrative and executive briefing
- Incident advisory access when you need it
// Process
How It Works
01
Onboard
One scoping call. Define domains, assets, and compliance targets. Pick your tier. Live in 48 hours.
02
First Assessment
Automated scan runs immediately. Tier 2/3 adds a practitioner-led sprint. Findings in your dashboard within 24 hours.
03
Ongoing Cadence
Weekly automated testing across all tiers. Tier 2 adds monthly sprints. Tier 3 adds quarterly adversary simulations.
04
Report & Brief
Compliance artifacts on demand. Tier 2 delivers monthly briefs. Tier 3 adds board-ready narratives and exec briefings.
05
Scale Up
Upgrade tiers anytime. Add internal or cloud scope. Your data, history, and practitioner knowledge carry forward.
// Intelligence & Compliance
ATT&CK Coverage + Compliance
MITRE ATT&CK Mapping
Every finding is tagged to a tactic and technique. Your heatmap shows exactly which adversary behaviors your current controls cover — and which they don't.
- Reconnaissance
- Initial Access
- Credential Access
- Discovery
- Exfiltration (surface indicators)
Export your coverage map as an ATT&CK Navigator JSON for auditors, board presentations, or insurance applications.
Compliance Reporting
Reports are always current. No scramble before an audit. Export documentation on demand from your dashboard.
SOC 2
Type I and Type II artifact generation. Timestamped, scoped, methodology-documented.
PCI DSS 11.3
External vulnerability assessment evidence for quarterly and annual requirements.
ISO 27001
Annex A control evidence. Technical vulnerability management documentation.
Cyber Insurance
ATT&CK coverage receipts and testing evidence for renewal questionnaires.
// Comparison
How Artais Compares
| Capability | DIY Scanners | Annual Pentest | Tier 1 — Automated | Tier 2 — Continuous | Tier 3 — Dedicated |
|---|---|---|---|---|---|
| Testing Frequency | Manual / ad hoc | Once per year | Automated weekly | Automated weekly + monthly manual sprints | Automated weekly + monthly manual sprints + quarterly adversary sim |
| ATT&CK Mapping | — | Sometimes | Every finding | Every finding | Full kill-chain |
| Compliance Reports | — | One PDF / year | Always available dashboards | Always available dashboards+ monthly brief | Always available dashboards + board-ready presentations |
| Live Dashboard | — | — | Included | Included | Included |
| Named Senior Practitioner | — | — | — | Monthly manual sprints | On retainer |
| Annual Cost | $9,600+ | $25,000+ | $5,400 flat | Contact us | Contact us |
// Pricing
Start with Tier 01
Artais Automated — Entry Tier
$450
/ month
billed annually
billed annually
$5,400 invoiced upfront · no setup fees · no per-scan charges
- Weekly automated external testing
- Live dashboard, always on
- MITRE ATT&CK heatmap
- SOC 2, PCI DSS, ISO 27001, cyber insurance reporting
- 30-day risk trend, on demand
- No setup fees. No per-scan charges.
Upgrade to Continuous Coverage or Dedicated Practitioner at any time.
Your data, history, and practitioner knowledge carry forward.
Your data, history, and practitioner knowledge carry forward.