
Continuous Pentesting

Continuous Pentesting automatically retests your application after changes.

It uses your last full assessment as the base configuration. It then runs smaller, targeted follow-up tests as your code evolves.

Get a usage estimate

Preview expected usage before enabling Continuous Pentesting.

  1. Go to Pentests and open your project or create a new one.

  2. Click Continuous Testing in the project header.

  3. Click View Estimate.

    • If you already ran a full assessment for this project, the estimate uses that configuration.

    • If you have not run a full assessment yet, you can simulate one. Select repositories and branches. Then click View Estimate in the modal.

  4. Review the estimate cards:

    • Pentests per Month

      • How many runs would have started in the last 30 days.

    • Agents Launched per Month

      • Total agents that would have launched in the last 30 days.

    • Credits Used per Month

      • Credits that would have been used in the last 30 days.

      • 1 credit = $1 USD

This estimate is based on your commit history and your current trigger settings. Agent and credit calculations can take longer because they require us to analyze your code changes.

Pricing and credits

Continuous Pentesting is priced per run. The price of each run depends on how many agents actually launch.

  • Each agent costs 16 credits.

  • Aikido analyzes your changes and launches the agents needed for that change set.

  • Larger changes can trigger more agents.

  • Small diffs usually trigger fewer agents.

  • The total run cost is calculated from the final number of launched agents.

Rule of thumb: run cost = agents launched × 16 credits.

Enable Continuous Pentesting

Prerequisites

Before you enable Continuous Pentesting, make sure:

  • You have the Manage Pentests permission.

  • You completed at least one full assessment for this project.

  • The full assessment has repositories connected.

  • Your wallet balance is at least 10,000 credits.

Configure the Frequency

  1. Go to Pentests and open your project.

  2. Click Continuous Testing in the project header.

  3. Choose your frequency:

    • Run on every deploy

      • Select which branch should trigger testing for each connected repository.

      • Set a Start Delay to bundle multiple commits into one run.

    • Run on schedule

      • Daily, every 3 days, weekly, or monthly.

      • The schedule starts when you enable Continuous Pentesting.

  4. Click Enable Continuous Testing and confirm.

How it works

Each cycle follows this flow:

  1. Aikido checks whether your project is eligible to run.

  2. It compares the latest commits on your configured branches with the last tested baseline.

  3. If the changes should trigger a run, Aikido starts a new continuous assessment and analyzes the relevant code delta.

To avoid noisy or wasteful runs, Aikido applies guardrails:

  • It waits for your configured Start Delay before triggering.

  • It does not start a new run while another continuous run is still active.

  • It requires the minimum wallet balance to launch agents.

Why a run might not start

If you expected a run but none started, check:

  • No full assessment exists yet for this project.

  • Wallet balance dropped below 10,000 credits.

  • No new commits were detected on your configured branches.

  • The latest commit is still within your Start Delay window.

  • Another continuous run is still in progress.
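
The guardrails from How it works and Why a run might not start, modeled as an added example (not Aikido's code): it replays constructed commit timestamps to show how a Start Delay bundles commits, how an active run defers the next one, and how the 10,000-credit minimum stops further runs. The polling tick, run duration, deduction of run cost from the wallet, and the `agents_for` sizing rule are assumptions made for illustration.

```python
from datetime import datetime, timedelta

CREDITS_PER_AGENT = 16       # from the page: each agent costs 16 credits
MIN_WALLET_BALANCE = 10_000  # from the page: minimum balance to launch agents


def simulate(commits, start_delay, run_duration, wallet, agents_for,
             end, tick=timedelta(minutes=5)):
    """Replay commit timestamps through the guardrails; return (runs, stop_reason)."""
    runs, baseline, active_until = [], None, None
    now = min(commits)
    while now <= end:
        # Commits that landed after the last tested baseline.
        pending = [c for c in commits
                   if c <= now and (baseline is None or c > baseline)]
        if (pending
                and (active_until is None or now >= active_until)  # no run active
                and now - max(pending) >= start_delay):            # delay elapsed
            if wallet < MIN_WALLET_BALANCE:
                return runs, f"wallet balance {wallet} below {MIN_WALLET_BALANCE}"
            agents = agents_for(len(pending))
            cost = agents * CREDITS_PER_AGENT  # run cost = agents launched x 16
            wallet -= cost  # assumption: the run cost is deducted from the wallet
            runs.append({"start": now, "commits": len(pending),
                         "agents": agents, "credits": cost})
            baseline, active_until = max(pending), now + run_duration
        now += tick
    return runs, None


# Constructed sample: three quick commits, one during the first run, one much later.
T0 = datetime(2024, 1, 1, 9, 0)
COMMITS = [T0 + timedelta(minutes=m) for m in (0, 10, 20, 60, 300)]


def demo():
    return simulate(COMMITS, start_delay=timedelta(minutes=30),
                    run_duration=timedelta(hours=1), wallet=10_100,
                    agents_for=lambda n: 2 + n,  # hypothetical sizing rule
                    end=T0 + timedelta(hours=8))


if __name__ == "__main__":
    runs, reason = demo()
    for run in runs:
        print(run)
    print("stopped:", reason)
```

With this sample, the first three commits are bundled into one run, the fourth waits for that run to finish, and the fifth never triggers because the balance has dropped below the minimum.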
