License Usage
How self-hosted license state, runner health, and target visibility control pentest starts.
Current Model
Pentest starts are checked against your plan (pay per pentest or a Launch/Team/Partner/Enterprise subscription), target visibility, runner health, and runner concurrency.
What Starts a Pentest Now
A pentest can start when:
- The organization is on the pay-per-pentest tier or holds an active subscription.
- The target visibility is allowed by the plan.
- At least one non-revoked runner has sent a recent heartbeat.
- Runner concurrency is available.
- The runner preflight passes provider, image, Docker, and network checks.
Pay Per Pentest
On the base tier there is no subscription. You pay $19 per pentest, and each pentest is fully refunded automatically if it finds zero findings or errors out. Launch, Team, Partner, and Enterprise subscriptions include unlimited scans instead.
Usage Responsibility
BYOK model spend is billed by your provider, and runner execution costs remain in your environment. APVISO billing covers the control plane, runner limits, target limits, support, and plan features — either per pentest or through your subscription.