CyberSage

PRICING // TRANSPARENT

Starting from €3,500 · No Fortune-500 minimum

Four public tiers plus bespoke retainers. Numbers below come straight from the live rate card, no hidden “call us for a quote” games unless you genuinely need Custom scope. The cost of one unfixed critical finding usually sits higher than the delta to the tier that already includes retest and deeper compliance mapping. Use the matrix to see what you are trading off. Priced in EUR; Ireland-based delivery; engagements across Europe, the UK, and worldwide on request.

Essential

€0

Baseline security verdict for a single target. Ideal for SOC 2 and ISO 27001 evidence.

  • Single target: 1 web app or 1 network segment
  • Up to 15 endpoints
  • Automated coverage + light manual validation
  • OWASP Top 10 scoped testing
  • CVSS-scored findings + per-finding remediation guidance
Scope my Essential testTalk to Emanuel first
Recommended

Professional

30% launch discount

€7,500

€0

Built for investor due-diligence and enterprise sales-cycle security questionnaires.

  • Multi-target: web + REST/GraphQL API + multi-role authentication
  • OR full internal + external network assessment
  • Deep manual validation alongside AI-accelerated recon
  • Compliance-mapped report (ISO 27001, NIS2, GDPR)
  • Remediation walk-through call with your dev team
Book my Professional engagementTalk through my scope

Enterprise

30% launch discount

€18,000

€0

Full-stack red-team simulation for regulated entities and AI-system operators facing EU AI Act Article 15.

  • Web + API + network (internal + external) + cloud configuration
  • Social engineering vectors (phishing, targeted pretexting)
  • Full MITRE ATT&CK TTP coverage
  • Executive + technical + compliance-evidence report pack
  • Purple-team debrief + remediation prioritisation workshop
  • Re-engagement confirmation letter (audit-ready)
Start my Enterprise engagementReserve an EU AI Act slot

Custom / Ongoing

By quotation

Bespoke scope, retainer, or continuous PTaaS, shaped around your audit cycle.

  • Continuous PTaaS with always-on coverage and monthly reporting
  • Quarterly mini-tests (retest plus new-feature delta)
  • Annual retainer (2–4 assessments plus priority response)
  • Compliance-cycle-aligned refresh testing
Request a quotationBook a discovery call

COVERAGE

Relative intensity by tier

Relative coverage comparison across tiers for attack surface, manual depth, compliance breadth, support window, and deliverables. Values are normalized within each axis.
TierAttack surfaceManual depthCompliance breadthSupport windowDeliverables
Essential0%0%0%0%0%
Professional0%0%0%0%0%
Enterprise0%0%0%0%0%
Custom / Ongoing0%0%0%0%0%

MATRIX

What each tier actually carries

Pricing tier feature comparison. Each row names a deliverable; each column is a tier.
CapabilityEssentialProfessionalEnterpriseCustom / Ongoing
Promotional anchor / price€3,500€7,500
€5,250		€18,000
€12,600		Quotation
Delivery windowdelivered in 12–14 working daysdelivered in 22–25 working daysdelivered in 38–42 working daysTailored
Report layersTechnical findingsExecutive summary · Technical findings · Remediation planExecutive narrative (board-ready) · Technical findings · Evidence pack (PoC, screenshots, kill-chain diagrams)As specified in SOW
RetestAdd-on availableOne retest includedRetest + audit letterContinuous cadence
Debrief30m call90m callWorkshop packTailored
Post-delivery support21 days30 days75 daysContinuous
MITRE ATT&CKSelected TTPsFull TTP mapFull TTP map
Compliance mapping2 frameworks4 frameworks7 frameworks1 frameworks

RETAINERS

Ongoing coverage options

per quarter

Quarterly mini-test

Retest + new-feature delta assessment

€2,500 – €4,500

per year

Annual retainer

2–4 assessments per year + priority response

€12,000 – €25,000

per month

Continuous PTaaS

Always-on coverage with monthly reporting

€3,000 – €8,000

bundled

Compliance refresh

Annual re-run aligned to your audit cycle

Bundled with annual scope

FAQ

Pricing questions, answered plainly

CTA

Book a scoping call

If the tier is close but not exact, we will say so, then either adjust scope or point you elsewhere. Bring your asset list and audit deadlines; we map those to the matrix rows so you are not guessing what ships.

Book a scoping call