Faultline Security: We test your SaaS for security holes including your AI features
Hey PH 👋 I'm Beatriz, co-founder of Faultline Security
We do penetration testing for startups and SaaS companies. Seed to Series B, mostly B2B, mostly teams that don't have a dedicated security person yet.
The short version: we charge EUR 3,000, turn around reports in under two weeks, and the report is structured so your engineers can fix it and your auditor can sign off on it. Most pentest firms charge EUR 15,000–40,000 and take six weeks. We built for a different kind of company.
Why we started this
A founder we know lost a Series A because when the lead investor asked for a pentest report, he didn't have one. Not a security failure. A paperwork failure. He'd built something real, had paying customers, good metrics. But no report. The round didn't close.
We'd seen that pattern enough times that we built something around it.
What we cover
Standard web and API pentesting: auth flows, access controls, session management, privilege escalation. But we also do AI red teaming, which more teams are starting to need and fewer firms actually know how to do.
If you shipped an LLM feature in the last 18 months (a chatbot, a co-pilot, a summarisation layer, anything), you added an attack surface your existing security process doesn't cover. Traditional pentesting doesn't test it. The threat model is completely different: the attacker isn't bypassing your auth, they're talking to your model.
What we find in those engagements: prompt injection (direct and indirect, including via documents and uploaded files), system prompt extraction, cross-user context leakage in multi-tenant products, and model abuse at scale. The output is the same as a standard pentest: documented findings, proof-of-concepts, a report your auditor accepts.
How we work
All testing is done by senior people. We use AI for reconnaissance and first-draft reports — that's how we keep pricing where it is. But the findings and the attestation letter have a named, qualified tester behind them. That matters because SOC 2, ISO 27001, and enterprise procurement require a human assessor.
Fixed price. No discovery call to get a proposal. Scoping form takes two minutes, you get a proposal in 24 hours.
Who it's for
Founders heading into fundraising or an enterprise sales cycle. Teams starting SOC 2 or ISO 27001. Anyone who shipped an LLM feature and hasn't had it tested by someone whose job is to break it.
Scope your assessment at faultlinesec.com/scope.
Happy to answer questions here about what a pentest covers, how AI red teaming works, what to expect from the process, or whether you even need one yet.