pricing
Price the immune system, not the audit.
Traditional AI red-teaming charges per engagement. CHIMERA runs continuously. Every plan includes the full attack swarm, the Lobster Trap defense engine, and unlimited replay.
scout
Scout
Hands-on red team for a single AI agent estate.
$0
- ✓50 attack sessions / month
- ✓3 sandbox agents (preset)
- ✓Single tenant · 1 seat
- ✓All 7 attack families
- ✓Synthetic LLM driver (offline)
- ✓7-day telemetry retention
- ✓Community Discord support
most popular
operator
Operator
Continuous adversarial validation for a security team.
$749 / mo
billed $8,990 annually
- ✓1,000 attack sessions / month
- ✓Unlimited sandbox agents
- ✓Up to 5 tenants · 10 seats
- ✓Full swarm: all 6 operatives
- ✓Strategist phase-bandit selection
- ✓Gemini Pro / Flash (BYOK)
- ✓Auto-policy synthesis & versioning
- ✓Webhook alerts + Slack integration
- ✓90-day telemetry retention
- ✓Email support · 12-hour SLA
frontier
Frontier
Autonomous immune system for the regulated enterprise.
Custom
- ✓Unlimited sessions, tenants, seats
- ✓Dedicated single-tenant infra
- ✓Bring-your-own-LLM: Claude · GPT-4 · Gemini · on-prem
- ✓Custom attack families & target adapters
- ✓SOC 2 Type II · HIPAA · GDPR audit exports
- ✓SIEM webhooks: Splunk · Datadog · Sentinel · CrowdStrike
- ✓SSO (SAML, OIDC) + SCIM provisioning
- ✓Air-gapped / VPC deployment
- ✓Private Slack with dedicated SE
- ✓24/7 SLA · 15-min response for criticals
Compare plans
| Scout | Operator | Frontier | |
|---|---|---|---|
| Adversarial engine | |||
| Attack sessions / month | 50 | 1,000 | Unlimited |
| Sandbox agents | 3 preset | Unlimited | Unlimited + custom |
| Mutation budget per session | 32 ticks | 64 ticks | Configurable |
| Attack families | 7 | 7 | 7 + custom |
| Swarm operatives | 1 (generalist) | 6 specialized | 6 + custom roles |
| Cross-session evolution | — | ✓ | ✓ |
| Defense & policy | |||
| Lobster Trap inspection | ✓ | ✓ | ✓ |
| Auto-policy synthesis | ✓ | ✓ | ✓ |
| Policy versioning + A/B | — | ✓ | ✓ |
| ReDoS-safe regex engine | ✓ | ✓ | ✓ |
| Custom rule packs | — | — | ✓ |
| Platform | |||
| Tenants | 1 | 5 | Unlimited |
| Seats | 1 | 10 | Unlimited |
| Telemetry retention | 7 days | 90 days | 365 days + archive |
| RBAC roles | 5 | 5 | 5 + custom |
| Audit log export | CSV | CSV · JSON | CSV · JSON · SIEM |
| Integrations & support | |||
| LLM router (BYOK) | Synthetic only | Gemini | Claude · GPT-4 · Gemini · on-prem |
| Webhook alerts | — | ✓ | ✓ |
| SIEM (Splunk / Datadog / Sentinel) | — | — | ✓ |
| SSO (SAML / OIDC) | — | — | ✓ |
| SCIM provisioning | — | — | ✓ |
| Support | Community | Email · 12h SLA | Dedicated SE · 24/7 |
| Deployment | Cloud (shared) | Cloud (shared) | Dedicated · VPC · Air-gapped |
| Compliance | |||
| SOC 2 Type II evidence | — | — | ✓ |
| HIPAA-eligible workloads | — | — | ✓ |
| GDPR DPA | Standard | Standard | Custom |
| Regulator-ready reports | — | — | ✓ |
FAQ
What counts as an attack session?
One launched arena run against a single target agent — typically 32-64 mutation ticks. A session that terminates early on three successful compromises still counts as one.
Do I need my own LLM API key?
Scout works offline with the deterministic synthetic driver — no key required. Operator and Frontier route to live Gemini / Claude / GPT-4 if you provide a BYOK key in tenant settings; otherwise the synthetic driver is the fallback.
Is the platform safe to point at real production agents?
CHIMERA only attacks targets you explicitly authorize inside your tenant. Sandboxed synthetic agents are the default. Frontier customers can register custom adapters for staged or canary environments under signed authorization scope. We never touch third-party systems.
How does annual billing work?
Operator annual saves 17% vs monthly. Frontier contracts are 1- or 3-year commitments with quarterly true-up on overages. All plans are billed in USD via Stripe or wire transfer.
Can I migrate between tiers?
Yes — usage and history persist. Upgrading is instant; downgrades take effect at the next billing period and respect quota caps prospectively.
Do you offer non-profit / academic pricing?
Yes. Verified research teams and educational programs get Operator at 60% off. Reach out from an institutional address.
Need a custom deployment, BYOL contract, or air-gapped install?
Frontier is sales-led so we can right-size the architecture and compliance package to your environment. Typical evaluation: 2-week POC against your sandboxed agent estate, then commercial close.