# Continuous Pentesting

Continuous Pentesting automatically retests your application after changes.

It uses your last full assessment as the base configuration. It then runs smaller, targeted follow-up tests as your code evolves.

## Get a usage estimate

Preview expected usage before enabling Continuous Pentesting.

1. Go to **Pentests** and open your project or create a new one.
2. Click **Continuous Testing** in the project header.
3. Click **View Estimate**.

   * If you already ran a full assessment for this project, the estimate uses that configuration.
   * If you have not run a full assessment yet, you can simulate one. Select repositories and branches. Then click **View Estimate** in the modal.

   <div data-with-frame="true"><figure><img src="https://3149773201-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FyKbzcQGrx7UtrG0nPZZ7%2Fuploads%2FEzVbLTLO3g3Gd0n9a8ZC%2FScreenshot%202026-02-27%20at%2014.03.53.png?alt=media&#x26;token=e36c9efb-2d53-488e-a804-a1873ce7cb1b" alt=""><figcaption></figcaption></figure></div>
4. Review the estimate cards:
   * **Pentests per Month**
     * How many runs would have started in the last 30 days.
   * **Agents Launched per Month**
     * Total agents that would have launched in the last 30 days.
   * **Credits Used per Month**
     * Credits that would have been used in the last 30 days.
     * 1 credit = $1 USD

<div data-with-frame="true"><figure><img src="https://3149773201-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FyKbzcQGrx7UtrG0nPZZ7%2Fuploads%2F6ZgW8PKEuF3YSeuHf24F%2FScreenshot%202026-02-27%20at%2014.02.07.png?alt=media&#x26;token=2a651813-fd08-4859-a47e-d64bf6d4414c" alt=""><figcaption></figcaption></figure></div>

This estimate is based your commit history and your current trigger settings. Agent and credit calculations can take longer as this requires us to analyze your code changes.

### Pricing and credits

Continuous Pentesting is priced per run. Each run is based on how many agents actually launch.

* **Each agent costs 16 credits.**
* Aikido analyzes your changes and launches the agents needed for that change set.
* Larger changes can trigger more agents.
* Small diffs usually trigger fewer agents.
* The total run cost is calculated from the final number of launched agents.

{% hint style="info" %}
**Rule of thumb:** run cost = `agents launched × 16 credits`.
{% endhint %}

## Enable Continuous Pentesting

### Prerequisites

Before you enable Continuous Pentesting, make sure:

* You have the **Manage Pentests** permission.
* You completed at least one full assessment for this project.
* The full assessment has repositories connected.
* Your wallet balance is at least **10,000 credits**.

### Configure the Frequency

1. Go to **Pentests** and open your project.
2. Click **Continuous Testing** in the project header.
3. Choose your frequency:
   * **Run on every deploy**
     * Select which branch should trigger testing for each connected repository.
     * Set a **Start Delay** to bundle multiple commits into one run.
   * **Run on schedule**:
     * Daily, every 3 days, weekly, or monthly.
     * The schedule starts when you enable Continuous Pentesting.
4. Click **Enable Continuous Testing** and confirm.

<div data-with-frame="true"><figure><img src="https://3149773201-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FyKbzcQGrx7UtrG0nPZZ7%2Fuploads%2FBu21hheXpLxDihNsLDVR%2FScreenshot%202026-02-23%20at%2017.27.39.png?alt=media&#x26;token=cc0eb0af-2bf5-4d56-8ceb-2cc80d204a06" alt=""><figcaption></figcaption></figure></div>

## How it works

Each cycle follows this flow:

1. Aikido checks whether your project is eligible to run.
2. It compares the latest commits on your configured branches with the last tested baseline.
3. If the changes should trigger a run, Aikido starts a new continuous assessment and analyzes the relevant code delta.

To avoid noisy or wasteful runs, Aikido applies guardrails:

* It waits for your configured **Start Delay** before triggering.
* It does not start a new run while another continuous run is still active.
* It requires the minimum wallet balance to launch agents.

## Why a run might not start

If you expected a run but none started, check:

* No full assessment exists yet for this project.
* Wallet balance dropped below **10,000 credits**.
* No new commits were detected on your configured branches.
* The latest commit is still within your **Start Delay** window.
* Another continuous run is still in progress.