Fast vulnerability scanning built for SOC2, PCI DSS, HIPAA, and ISO 27001

Slate scans your apps and APIs for security vulnerabilities, explains them in plain English, and gives you AI-ready fixes so you can be audit-ready.

Trusted by teams at

Stripe
Microsoft
Accenture
Deloitte
Netflix
Databricks
Retool

How it works

Built for simplicity and speed

01

Enter your domain

Paste your URL and run your first scan. No agent to install, no sales call to book. Results in under 10 minutes.

02

Find vulnerabilities

Every finding ranked by severity, with a breakdown of vulnerability types so you know exactly what's exposed.

03

Fix it with AI

Every finding includes a plain-English explanation of the risk and an AI-agent prompt for the fix.

New scan

Target URL

https://acme.io

Scan queued

Scan progress

~8 min remaining

68 / 847 checks8%

Frictionless setup

Scan where you work.
Web, CLI, or your AI agent.

Minimal setup. Maximum speed. Scan from the dashboard, your terminal, or Cursor — full vulnerability reports in under 10 minutes.

Web UI

No setup required. Enter your domain in the dashboard, hit scan, and watch findings appear in real time. Share reports with a link.

CLI

Run scans from your terminal, integrate into CI/CD pipelines, or script automated checks. Everything the web UI does, from the command line.

MCP + Agents

Ask Cursor or Claude to scan your app in plain English. Findings and fix prompts show up right in chat — same depth as the dashboard, zero local setup.

Connect in Claude or Cursor

What we find

Vulnerabilities explained in plain-English.
AI-ready fixes.

Every finding comes with a plain-English explanation, step-by-step remediation guidance, and a ready-to-use AI agent prompt you can paste straight into Cursor to fix it.

SQL Injectioncritical

GET /api/users?id=

Reflected Cross-Site Scriptinghigh

GET /search?q=

Broken Object-Level Authorizationhigh

GET /api/invoices/:id

Sensitive Data in API Responsemedium

GET /api/config

Open Redirectmedium

GET /auth/callback?next=

Tap to explore.

Built for developers

Why engineering teams pick Slate

Readable findings, agent-ready remediation, and CI gates — so you can understand risk, fix it fast, and block bad deploys without a dedicated AppSec team.

Actionable findings

Plain-language explanations for what's wrong, what was detected, and how to fix it — with scanner evidence built in.

Agent-ready remediation

Agent-ready fixes for every finding — repo-scoped briefs with scope, task, and acceptance criteria you can paste into Cursor or any coding agent.

CI gates

Run scans in GitHub Actions or any pipeline. Fail builds on critical findings with JSON output and predictable exit codes.

SOC 2
HIPAA
PCI DSS
ISO 27001

Audit readiness

Find issues early.
Show up audit-ready.

Controls and audits under SOC 2, HIPAA, PCI DSS, or ISO 27001 all touch application security — with different rules and cadences. Slate scans your web apps and APIs, surfaces exploitable issues, and gives you fixes you can ship before review day.

Pricing

Pay per target. Scan when you need to.

Each plan includes a monthly scan allowance for cloud security checks. One scan is one full run against a target. Manual and scheduled scans both count.

Startup and Scale include a 14-day free trial. Pay annually upfront and save 20%. Need more capacity? Add targets or extra scans on Startup and Scale.

Startup

$29/month

1 target · 20 scans/mo included

One production app or API with enough scans to check in weekly before you ship.

  • 1 target included
  • 20 scans per month included
  • Severity-ranked findings reports
  • Plain English remediation steps
  • AI-prompt fixes
  • 48-hour email support
  • Add-on targets $15/month each
  • Extra scans $1.25 each
Most popular

Scale

$79/month

3 targets · 100 scans/mo included

Three targets and a pooled scan allowance for staging, prod, and buyer-ready reports.

  • Everything in Startup
  • 3 targets included
  • 100 scans per month included (pooled)
  • White label reports
  • 24-hour email support
  • Add-on targets $12/month each
  • Extra scans $0.85 each

Enterprise

Custom

Volume pricing · Flexible terms · On-prem

SSO and dedicated support for regulated teams at scale.

  • Everything in Scale
  • Custom targets & monthly scans
  • Volume pricing on extra scans
  • Single sign-on (SSO)
  • SCIM provisioning
  • On-prem deployments
  • Dedicated support

Find the gaps before
audit day.

Run a free scan on your app or API—results in under 10 minutes, with severity-ranked findings and AI-ready fixes. No setup call required.