Pricing
Engagement pricing reflects the work, not what the market will bear. Floor prices below; final pricing comes from scoping.
Engagements are custom-scoped, fixed-price, and quoted after a 30-minute scoping call. We do not sell hourly consulting, retainers without scope, or tier-based packages. Each engagement type below has a floor price — what we'd charge for the simplest version of that engagement. Real engagements cost more than the floor depending on scope, complexity, and urgency. Drivers are listed below.
Adversarial Probing
Full red-team campaign against your AI deployment
Injection Vector Mapping
Focused injection-surface scan
Shadow-AI Recon
Discovery of undocumented AI usage org-wide
Multi-Agent Attack Simulation
Adversarial testing across agent graphs
Agentic Guardrails
Runtime constraints for AI agent behavior
Neural Hardening
Infrastructure hardening for AI deployments
RAG Perimeter
Audit and harden retrieval-layer boundaries
Incident Response
Active-breach triage and remediation· See engagement page for retainer terms
Floor prices assume single-deployment, single-framework, US/EU clients. Multi-region, multi-deployment, or regulated-industry engagements scope higher. Pricing is fixed once scoped — no surprise overruns.
Deployment complexity
A single-model, single-deployment AI system scopes at the floor. Multi-model, multi-environment, or cross-region deployments add 30–100%.
Multi-agent topology
Agent graphs of 3+ communicating agents add substantial complexity to testing and design. Multi-Agent Attack Simulation reflects this in its floor; other engagements scale up when agent graphs are in scope.
Regulatory environment
Engagements in regulated industries (financial services, healthcare, defense, government) carry additional documentation, evidence-handling, and compliance requirements. Add 25–50% over baseline.
Urgency
Standard engagements book 4–6 weeks out. Urgent engagements (start within 2 weeks) add 25%. Incident Response is priced separately at day rates that reflect immediacy.
Scope of access
Read-only audits against public-facing systems are cheapest. Engagements requiring access to internal staging environments, production credentials, or multi-team coordination add to the cost — both for our time and your team's.
Reporting depth
Floor prices assume standard reporting (findings document + executive summary + remediation handoff). Custom deliverables — board presentations, regulator-ready conformity statements, expert-witness-style documentation — add to scope.
Free, forever
The first three Arsenal tools — Prompt Injection Probe, RAG Poisoning Scanner, Context Hemorrhage Calculator — are free under MIT license. No tier. No rate limits beyond what keeps our hosted versions sustainable. No telemetry.
→ See the Arsenal development planPaid tiers planned for Q1 2027
Continuous Injection Monitor and Shadow-AI Log Analyzer are planned as paid tools — continuous detection and log analysis at production scale. We'll publish pricing when these tools ship. Subscribers get early-access invitations and pricing preview.
→ Subscribe for early accessFixed-price engagements
Engagement price is fixed in the Statement of Work. Scope changes require a written amendment with revised pricing. No surprise overruns.
50% deposit, 50% on delivery
Standard payment structure is 50% deposit on SOW signature, 50% on final report delivery. Larger engagements (>$50K) may use a 3-payment milestone structure.
Net-30 invoicing
Final invoice is due net-30 from the date of delivery. Late payment terms documented in the SOW. We do not work with clients who systematically delay payment.
USD invoicing, multi-currency accepted
Invoices are denominated in USD. We accept payment in USD, EUR, or GBP at prevailing exchange rates. Wire transfer is preferred; ACH and credit card accepted for engagements under $25K.
VAT, sales tax, withholding
Pricing is exclusive of VAT, sales tax, and other jurisdiction-specific taxes. EU clients are responsible for VAT under reverse-charge mechanism. Withholding tax arrangements documented in the SOW where applicable.
Cancellation
Engagements cancelled by the client after SOW signature and before kickoff: deposit is non-refundable. Cancelled during engagement: pro-rated to work completed. Cancellation terms are negotiated case-by-case if the cancellation reason is force majeure or material change in circumstance.
Do you offer discounts?
No. Engagements are priced at what they cost to do well. Discounting either signals we overpriced (in which case pricing was dishonest) or that we're cutting corners (in which case the engagement won't be done well). Neither is acceptable.
Can we negotiate the price?
We can adjust scope, which adjusts price. We don't adjust the price for the same scope. If the floor price is outside your budget, we'll suggest a narrower engagement that might fit — or recommend you wait until budget allows the right engagement.
Do you do retainers or ongoing engagements?
Continuous red-team retainers are available for clients with sustained adversarial testing needs. These are quoted separately. We do not offer 'AI advisor' retainers — those tend to underdeliver on both sides.
What's included in the floor price?
Everything documented in the service detail page for that engagement: methodology phases, deliverables, communication cadence, post-engagement support. No surprise add-ons.
Will pricing change?
Floor prices are reviewed quarterly. When they change, existing SOWs are honored at the original price. New engagement requests after a price change are quoted at the new floor.