
Claw Chain: Four OpenClaw Vulnerabilities Expose 245,000 AI Agent Servers to Data Theft

Researchers at Cyera discovered four chainable OpenClaw vulnerabilities enabling data theft, privilege escalation, and persistence. 245,000 public instances are exposed. Here's what you need to do.

Diego Diaz

What Happened

Researchers at Cyera have disclosed a chain of four security flaws in OpenClaw — one of the fastest-growing open-source platforms for autonomous AI agents — that can be exploited to achieve data theft, privilege escalation, and persistent backdoor access. The vulnerabilities, collectively dubbed Claw Chain, affect an estimated 245,000 publicly accessible OpenClaw server instances worldwide. The Hacker News reported that the attack chain allows an adversary to use the agent's own privileges as their hands inside the compromised environment — with each step looking like normal agent behavior to traditional security controls. According to CyberSecurityNews, this dramatically broadens the blast radius while making detection significantly harder.

Technical Analysis

The Claw Chain exploit works by weaponizing the agent's own privileges and access tokens. According to Cyera's full technical report, the four vulnerabilities chain together to move through distinct phases: initial foothold via config manipulation, data exfiltration through the agent's legitimate API access, privilege escalation by abusing agent tool permissions, and persistence via backdoor installation that survives restarts. Each step mimics normal agent behavior — the agent is reading files, calling APIs, making tool calls — but under adversary direction. This is what makes Claw Chain particularly dangerous: traditional endpoint detection and network monitoring tools are not designed to distinguish between legitimate AI agent actions and malicious ones. Delimiter Online noted that the research team disclosed the flaws responsibly earlier this week, giving the OpenClaw project time to prepare patches before public disclosure.

Who's Affected

Any organization or individual running an OpenClaw instance that is publicly accessible over the internet is potentially affected. The 245,000 exposed servers were identified through public scans — instances with open API endpoints reachable from the internet. This includes self-hosted deployments on cloud providers (AWS, GCP, Azure), bare-metal servers, and yes — home labs. OpenClaw agents typically operate with broad access: they read local files, execute shell commands, call external APIs with stored credentials, and manage system configurations. When an attacker hijacks this access through Claw Chain, everything the agent can touch becomes compromised: source code, API keys, database credentials, SSH keys, and internal documentation. Organizations using OpenClaw for DevOps automation, security operations, or data pipeline management face the highest risk because their agents often have privileged access to production systems.

How to Protect Yourself

1. Apply patches immediately. The OpenClaw project has released fixes for all four Claw Chain vulnerabilities. Update to the latest version as soon as possible. If you cannot patch immediately, disable public API access.

2. Restrict network exposure. Ensure your OpenClaw instance is not directly accessible from the public internet. Place it behind a VPN, reverse proxy with authentication, or private network. The 245,000 exposed instances were all publicly reachable — that's the attack surface.

3. Audit agent tool permissions. Review what tools and capabilities your OpenClaw agents have access to. Apply the principle of least privilege: if an agent doesn't need shell access, disable it. If it only needs read-only file access, restrict it. Claw Chain escalates through tool abuse — reduce the tools, reduce the blast radius.

4. Rotate credentials and tokens. Assume that any credentials stored in your OpenClaw configuration or accessible to your agents may have been exposed. Rotate API keys, database passwords, SSH tokens, and service account credentials.

5. Enable detailed audit logging. OpenClaw supports session logging. Enable it, ship logs to a SIEM or centralized logging platform, and alert on unusual agent behavior — especially file reads outside expected paths, unexpected API calls, or configuration changes.
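As an added example (not code from Cyera's report or the OpenClaw project), here is a small Python detector that applies the three alerting rules from step 5 to session-log lines: file reads outside expected paths, API calls to hosts not on an allow-list, and configuration changes. The JSON-lines log shape, the tool names, and the policy values are assumptions constructed for illustration; OpenClaw's real session-log schema may differ, so adapt the parser before shipping this to your SIEM.

```python
import json
import posixpath
from urllib.parse import urlparse

# Policy for one agent (constructed): where it may read and which API hosts it may call.
POLICY = {
    "allowed_read_prefixes": ("/srv/app/data/", "/srv/app/config/"),
    "allowed_api_hosts": {"api.example-internal.local", "models.example.com"},
}

# Constructed sample session-log lines (JSON-lines); the schema is an assumption.
SAMPLE_LOG = """\
{"ts":"2025-01-10T09:00:01Z","agent":"devops-bot","tool":"file.read","path":"/srv/app/data/report.csv"}
{"ts":"2025-01-10T09:00:02Z","agent":"devops-bot","tool":"file.read","path":"/home/deploy/.ssh/id_ed25519"}
{"ts":"2025-01-10T09:00:03Z","agent":"devops-bot","tool":"http.request","url":"https://api.example-internal.local/v1/jobs"}
{"ts":"2025-01-10T09:00:04Z","agent":"devops-bot","tool":"http.request","url":"https://paste.example.net/upload"}
{"ts":"2025-01-10T09:00:05Z","agent":"devops-bot","tool":"config.write","path":"/srv/app/config/agent.yaml"}
{"ts":"2025-01-10T09:00:06Z","agent":"devops-bot","tool":"file.read","path":"/srv/app/data/../../../etc/passwd"}
"""

def check_event(event, policy=POLICY):
    """Return a list of alert strings for one parsed log event (empty if benign)."""
    alerts = []
    tool = event.get("tool", "")
    if tool == "file.read":
        # Normalise so a traversal like "data/../../../etc/passwd" is judged by its real target.
        path = posixpath.normpath(event.get("path", ""))
        if not path.startswith(policy["allowed_read_prefixes"]):
            alerts.append(f"file read outside expected paths: {path}")
    elif tool == "http.request":
        host = urlparse(event.get("url", "")).hostname or ""
        if host not in policy["allowed_api_hosts"]:
            alerts.append(f"API call to unexpected host: {host}")
    elif tool.startswith("config."):
        # Every configuration change is alert-worthy: config manipulation is the chain's foothold.
        alerts.append(f"configuration change via {tool}: {event.get('path')}")
    return alerts

def scan_log(text, policy=POLICY):
    """Parse JSON-lines session log text; return [(ts, agent, alert), ...]."""
    findings = []
    for line in filter(str.strip, text.splitlines()):
        event = json.loads(line)
        for alert in check_event(event, policy):
            findings.append((event["ts"], event["agent"], alert))
    return findings

if __name__ == "__main__":
    for ts, agent, alert in scan_log(SAMPLE_LOG):
        print(f"{ts} {agent}: {alert}")
```

Run against the sample, it flags the SSH key read, the upload to an unknown host, the config write, and the traversal read, and stays silent on the two expected actions.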

The Sable Angle

This is personal for us. OpenClaw is the platform we use internally, and our security research team has been tracking these vulnerabilities closely. Claw Chain is a wake-up call for the entire AI agent ecosystem: we've been focused on what agents can do for us and largely ignored what happens when an attacker turns those same capabilities against us. The fact that each step in the chain looks like normal agent behavior is the core problem — and it's not unique to OpenClaw. Every AI agent framework faces this same class of risk.

At Sable, we've already hardened our own OpenClaw deployments and updated our research methodology to include agent-specific attack chains in our security assessments. If you're running OpenClaw in production — especially with agents that touch sensitive data or critical infrastructure — patch today, audit your agent permissions this week, and treat your AI agents as a new attack surface that needs the same rigor you apply to your endpoints and cloud workloads.