Starting a Pentest - apviso [APVISO](/)Product Resources Developers Company [Pricing](/#pricing)[Partners](/partners)[Enterprise](/enterprise) [Login](/login)[Start free pentest](/register?intent=free-local-pentest) [Login](/login)[Start free](/register?intent=free-local-pentest) [Home](/)[Knowledge Base](/docs)Starting a PentestPentestingStarting a Pentest ================== How to initiate a pentest, choose a pentest package, and understand what each package means for depth and runtime. Initiating a Pentest -------------------- 1. Navigate to the target you want to pentest. 2. Click **Start Pentest**. 3. Select a **pentest package** (see below). 4. Optionally configure advanced settings, with credentials stored in your runner-local auth file. 5. Click **Confirm**. The pentest is added to the self-hosted runner job queue and begins when an eligible runner claims it. You can monitor status from the target detail page or the **Pentests** list. Pentest Packages ---------------- Pentest packages control the depth of analysis, the number of tests performed, and the runtime profile: - **Demo / First Check** — controlled demo or eligible first self-hosted check. - **Quick Check** — fast security review covering common vulnerability classes. - **Launch Review** — balanced launch-readiness review across major attack vectors. - **Full Pentest** — deeper authenticated, API, and business-logic assessment. - **Compliance Evidence** — maximum-depth assessment with the strongest report and retest evidence. Deeper packages give agents more time and token budget to reason about the application, resulting in broader coverage and more complex findings. What Happens After You Click Confirm ------------------------------------ 1. **License check** — APVISO verifies your self-hosted license, target allowance, runner heartbeat, and concurrency. 2. **Runner job** — APVISO creates a `pending_runner` scan job. 3. **Runner preflight** — your runner checks Docker, BYOK provider credentials, image digest/signature, and target reachability. 4. **Execution** — your runner launches the scan image locally; four AI agents stream findings to your dashboard in real time. 5. **Completion** — the reporter agent produces the final report and the pentest status moves to `completed`. Concurrent Pentests ------------------- The number of pentests you can run simultaneously depends on your tier and configured runner concurrency: - **Solo** — 1 concurrent pentest and 5 starts per monthly period. - **Launch** — 3 concurrent pentests with uncapped starts. - **Team** — 10 concurrent pentests. - **Enterprise** — custom limits through sales-managed terms. If you exceed your concurrent limit, additional pentests remain pending until runner capacity opens. ### Related Articles [Understanding Pentest Statuses What each pentest status means and what actions are available at each stage.](/docs/scan-statuses)[License Usage How self-hosted license state, runner health, and target visibility control pentest starts.](/docs/license-usage)[Subscription Plans Compare the APVISO subscription tiers — Solo, Launch, Team, Partner, and Enterprise — and understand what each includes.](/docs/subscription-plans)[Authenticated Pentesting Configure authentication so APVISO can test pages and API endpoints behind login — supporting bearer tokens, cookies, API keys, and more.](/docs/authenticated-scanning) [Back to Knowledge Base](/docs) [APVISO](/)Autonomous AI-powered penetration testing for modern web applications. Subscribe [](https://github.com/apviso)[](https://x.com/Apviso_com)[](https://www.linkedin.com/company/apviso/) [![Featured on Good AI Tools](https://goodaitools.com/assets/images/badge.png)](https://goodaitools.com/ai/apviso) Product - [Features](/#features) - [Pricing](/pricing) - [Integrations](/integrations) - [Benchmarks](/#compare) - [Affiliate Program](/affiliate) - [Partners](/partners) - [Enterprise](/enterprise) Resources - [Blog](/blog) - [Use Cases](/use-cases) - [Glossary](/glossary) - [Comparisons](/comparisons) - [Alternatives](/alternatives) - [Compliance](/compliance) - [Vulnerabilities](/vulnerabilities) - [Industries](/industries) - [OWASP APTS](/trust/apts) Developers - [Knowledge Base](/docs) - [API Reference](/docs/api) - [MCP Server](/docs/mcp) Company - [About](/about) - [Contact](/contact) - [Status](https://status.apviso.com) - [Privacy Policy](/legal/privacy) - [Terms of Service](/legal/terms) © 2026 APVISO. All rights reserved.