# Continuous Pentesting

Continuous Pentesting automatically retests your application after changes.

It uses your last full assessment as the base configuration. It then runs smaller, targeted follow-up tests as your code evolves.

## Get a usage estimate

Preview expected usage before enabling Continuous Pentesting.

1. Go to **Pentests** and open your project or create a new one.
2. Click **Continuous Testing** in the project header.
3. Click **View Estimate**.

   * If you already ran a full assessment for this project, the estimate uses that configuration.
   * If you have not run a full assessment yet, you can simulate one. Select repositories and branches. Then click **View Estimate** in the modal.

   <div data-with-frame="true"><figure><img src="/files/bONzxgxjA53RKTupcabP" alt=""><figcaption></figcaption></figure></div>
4. Review the estimate cards:
   * **Pentests per Month**
     * How many runs would have started in the last 30 days.
   * **Agents Launched per Month**
     * Total agents that would have launched in the last 30 days.
   * **Credits Used per Month**
     * Credits that would have been used in the last 30 days.
     * 1 credit = $1 USD

<div data-with-frame="true"><figure><img src="/files/wIyX2fsRHFBB6HHafaPq" alt=""><figcaption></figcaption></figure></div>

This estimate is based your commit history and your current trigger settings. Agent and credit calculations can take longer as this requires us to analyze your code changes.

### Pricing and credits

Continuous Pentesting is priced per run. Each run is based on how many agents actually launch.

* **Each agent costs 10 credits.**
* Aikido analyzes your changes and launches the agents needed for that change set.
* Larger changes can trigger more agents.
* Small diffs usually trigger fewer agents.
* The total run cost is calculated from the final number of launched agents.

{% hint style="info" %}
**Rule of thumb:** run cost = `agents launched × 10 credits`.
{% endhint %}

## Enable Continuous Pentesting

### Prerequisites

Before you enable Continuous Pentesting, make sure:

* You have the **Manage Pentests** permission.
* You completed at least one full assessment for this project.
* The full assessment has repositories connected.
* Your wallet balance is at least **1,000 credits**.

### Configure the Frequency

1. Go to **Pentests** and open your project.
2. Click **Continuous Testing** in the project header.
3. Choose your frequency:
   * **Run on every deploy**
     * Select which branch should trigger testing for each connected repository.
     * Set a **Start Delay** to bundle multiple commits into one run.
   * **Run on schedule**:
     * Daily, weekly, monthly, or a custom interval.
     * The schedule starts when you enable Continuous Pentesting.
4. Click **Enable Continuous Testing** and confirm.

<div data-with-frame="true"><figure><img src="/files/NpUwXsIp2XKJpcWPEiGq" alt=""><figcaption></figcaption></figure></div>

## How it works

Each cycle follows this flow:

1. Aikido checks whether your project is eligible to run.
2. It compares the latest commits on your configured branches with the last tested baseline.
3. If the changes should trigger a run, Aikido starts a new continuous assessment and analyzes the relevant code delta.

To avoid noisy or wasteful runs, Aikido applies guardrails:

* It waits for your configured **Start Delay** before triggering.
* It does not start a new run while another continuous run is still active.
* It requires the minimum wallet balance to launch agents.

## Why a run might not start

If you expected a run but none started, check:

* No full assessment exists yet for this project.
* Wallet balance dropped below **1,000 credits**.
* No new commits were detected on your configured branches.
* The latest commit is still within your **Start Delay** window.
* Another continuous run is still in progress.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.aikido.dev/pentests/continuous-pentesting.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.