The security first platform

Transparent & Competitive Pricing

Cut down old, legacy vendors and double down on your production security.
Get a flexible, purpose-built tool to help your security teams overcome externally facing threats.

Pro

$24/mo

For teams wi
th small cloud environments.

Monthly
Yearly (-16%)

Usage

Attack Surface Management

Number of Subdomains

User Seats

Scans Frequency

Features

Responsible Disclosure

Vulnerability Management

SaaS & 3rd Parties Risk Monitoring

Collaborative Pentest Managemnt

Attack Surface as API

Webhooks Alerts Integration

SSO Authentication

Secrets Scanning

Caido DAST Integration

Internal Whitebox Integrations

Support

Email Support

Shared Slack Channel

Compliance Penetration Test

Integrations By-Request

Monthly
Yearly (-16%)
Essential

$500/mo

For teams with small cloud environments.

Usage

100

Attack Surface Management

0-50

0 - 500 subdomains

2

2 user seats

Bi-Daily

Bi-Daily scans frequency

Features

100

Responsible Disclosure

Vulnerability Management

SaaS & 3rd Parties Risk Monitoring

Collaborative Pentest Managemnt

Attack Surface as API

Webhooks Alerts Integration

SSO Authentication

Secrets Scanning

Caido DAST Integration

Internal Whitebox Integrations

Support

100

Email Support

Shared Slack Channel

ADD-ON Available

Compliance Penetration Test Add-On Available

Integrations By-Request

Premium

$1500/mo

For businesses with significant cloud infrastructure.

Usage

100

Attack Surface Management

0-500*

0 - 500 subdomains

10

2 user seats

Hourly

Bi-Daily scans frequency

Features

100

Responsible Disclosure

Vulnerability Management

SaaS & 3rd Parties Risk Monitoring

Collaborative Pentest Managemnt

Attack Surface as API

Webhooks Alerts Integration

SSO Authentication

Secrets Scanning

Caido DAST Integration

Internal Whitebox Integrations

Support

100

Email Support

Shared Slack Channel

ADD-ON Available

Compliance Penetration Test Add-On Available

Integrations By-Request

Enterprise

Custom

Tailor-Made offerings for large, complex environments.

Usage

100

Attack Surface Management

Unlimited Subdomains

0 - 500 subdomains

Unlimited Seats

2 user seats

10 Minutes

Bi-Daily scans frequency

Features

100

Responsible Disclosure

Vulnerability Management

SaaS & 3rd Parties Risk Monitoring

Collaborative Pentest Managemnt

Attack Surface as API

Webhooks Alerts Integration

SSO Authentication

Secrets Scanning

Caido DAST Integration

Internal Whitebox Integrations

Support

100

Email Support

Shared Slack Channel

Compliance Penetration Test

Integrations By-Request

Stop overpaying for noise and mess.

At Shockwave, we disrupt a legacy industry - no more false positives and alert fatigue, with us you focus on what really matters, the ability to continuously monitor for exploitable externally facing risks.

Purpose-built for company that care about identifying real-exploitable risks within their public infrastructure.

AI-powered Chatbot trained on your own data to assist your security teams in their daily tasks.

The only Attack Surface solution combined with DAST capabilities on the Cloud (Caido + Nuclei)

Shockwave's OSINT reconnaissance engines are industry-leading in terms of discovery capabilities.

Part of our arsenal includes scanning for novel misconfigurations before they become publicly known.

Launch your own Responsible Disclosure Program without extra costs.

Hear from Security Pros

Shockwave's SaaS Platform and underlying automation has received heaps of praises throughout the years, hear what amazing security personals say about our results.

Jason Haddix

@Jhaddix

During the automations portions of my classes, and at conferences, lots of people ask me what dynamic scanner companies to watch.
I’ve been watching Gal Nagli for years tear up the bounty scene.
Then he made shockwave.cloud,
So that’s my answer: shockwave.cloud

Asaf Aprozper

Head of SecOps

We use Shockwave to complement our CSPM, ever since it detects external threats in real-time and takes our automation to a whole new level.

Nir Sandalovich

CyberSec Engineer

Shockwave has notified us about exploitable vulnerabilities that no other tool has been able to detect.

Leo Juszkiewicz

AppSec Architect

Shockwave has truly transformed the way we protect our externally facing assets, and has provided us with great peace of mind.

Ian Carroll

Founder & CEO

Shockwave continuously assesses our externally facing assets, allowing us to focus on building our category-leading startup.

Aviel Asulin

IT Manager

Thank you for the report and assessment, it was great working with Shockwave!

Getting started with Shockwave

Everything you need to know

What does Shockwave do?

Shockwave is an Attack Surface & Continuous Threat Exposure Management Platform that continuously protects your externally facing assets. Using top hackers techniques, it rapidly identifies vulnerabilities to keep your systems secure and prevent cyber-security incidents. The platform produces complete snapshot of your external security posture with 0-touch and without the need of integrations, having said that we do integrate with internal systems (CSPM / DNS Providers) to complement the accuracy of your data, if needed. Shockwave lets you run your own DAST modules and Responsible Disclosure Programs. We have a proven track record discovering critical externally-facing vulnerabilities within Fortune 100 companies and dozen of clients.Is my data safe with Shockwave?

Is my data safe with Shockwave?

Absolutely, at Shockwave, your data security is our utmost priority.We employ strict security protocols and advanced encryption techniques to ensure that your data is protected.Furthermore, each of our clients is provided with a segregated box for their assets and vulnerabilities, completely isolated from other tenants.This means your information is not only secure but also private, maintaining the integrity of your individual data environment.

Do you provide customer support?

Yes, we offer customer support for all our customers. If you need help, you can reach out to us through contact@shockwave.cloud Enterprise and Premium customers enjoy the benefit of having shared slack channel for support and smooth communication abilities.

Where can I find the Terms and Conditions?

You can find our our Terms and Conditions for payments on our website here. We encourage all users to review these documents before subscribing to our service, for any questions don't hesitate to contact us via contact@shockwave.cloud

What payment methods do you accept?

We accept all major credit cards. Our payments are processed through Stripe, a secure and widely-used payment gateway.

What does Shockwave consider an asset to be?

At Shockwave, we consider an asset as subdomain which has resolved DNS name with IP / CNAME record behind it, after being Wildcard filtered.

Do you provide customer support?

Yes, we offer customer support for all our customers. If you need help, you can reach out to us through contact@shockwave.cloud Enterprise and Premium customers enjoy the benefit of having shared slack channel for support and smooth communication abilities.

The security first platform

Supercharge your security

Identify, Secure and Continuously Monitor your Externally Facing Attack Surface.
Significantly Improve your security posture within minutes with an easy, smooth onboarding process.

Contact sales