Tank Agent re-runs the free Tank Scan on a schedule, watches for change, drafts the reports you would otherwise have to write, and routes the moments that matter to a Forensic Five analyst. It is deliberately co-managed — never automation theatre.
Early-access pricing locked in for founding customers. No hype, no auto-charges — we’ll talk to you before you pay.
You can’t secure what you don’t continuously observe. You can’t observe at human cost. Tank Agent instruments the boring parts so analysts are reserved for the moments that actually require judgement.
Scheduled re-runs of the Tank Scan engine, plus uptime, certificate, DNS, and surface-change detection — producing a posture journal Tank can reason over instead of one-shot snapshots.
Tank narrates what changed, why it matters, and what to do — not raw diff dumps. Monthly recaps and audit-evidence narratives drafted in language operators and auditors actually use.
When confidence drops or severity rises, Tank routes you to a named Forensic Five analyst with the context already assembled. Pentests, incident response, and consulting are the natural next step — not a separate sales motion.
Free Tank Scan answers the question “is my site safe right now?” Tank Agent answers the harder question: “is it still safe next week, and the week after, and will I notice when it isn’t?”
Each lane builds on the last. Lower tiers cover the first lane; higher tiers unlock the second and third.
The wrong product sold honestly is worse than no product at all. These are the lines we will not cross, and they are part of the offer.
Tank Agent observes and narrates. If you need inline blocking, endpoint isolation, or a full SIEM, we’ll help you choose one and Tank will reason over its output.
Anything that mutates your infrastructure requires a documented, scoped grant. Default is suggest-and-explain, not act-without-asking.
Tank lives in our console and your own channels — not in your visitor experience. Your customers should never know it exists.
No tool is. We sell visibility, narration, and faster human response, with appropriate disclaimers. Anyone who promises more is either lying or hasn’t been hacked yet.
Bands shown in CAD. We publish prices because buyers trust transparency — and because per-vulnerability pricing is confusing and adversarial. Annual prepay saves roughly two months.
Early-access pricing locked in for founding customers.
For anyone curious
Solo founders, small sites
SMB primary site of record
Agencies, regulated SMBs, multi-site
Enterprise, public sector, agencies at scale
Pricing bands are working drafts — final tier pricing is set with each early-access customer based on scope and onboarding date. Analyst hours are always line items, never buried.
Tank Agent is not trying to be your whole security stack — it’s the layer that watches, narrates, and routes, so the tools and people you already pay for get used at the right time.
Tank Agent reads what they expose — status, headers, blocked traffic shapes — and explains it back to you in language a non-engineer can act on.
Slack, Teams, email, webhook, ticketing. Tank lands in the channel where work already happens, not in another login screen.
SOC 2, ISO 27001, PCI light, internal policy — Tank drafts evidence narratives mapped to whichever framework you actually care about.
Pentesting, incident response, consulting, training — Tank Agent is the funnel that gets us in the room with the context already assembled.
No — default behaviour is observe and narrate. Any action that mutates your infrastructure (header tweaks, WAF rules, cert renewals) requires an explicit, scoped grant from you, and is logged in the posture journal so you can audit it later.
No. The scanner engine and the posture journal are ours. The AI layer is a thin orchestration that takes posture deltas plus journal context and produces narratives; outputs always cite the underlying finding IDs so you can verify what informed each statement. We pick the model that does the job well and swap it when a better one shows up — without changing the contract you signed.
An uptime monitor pings you when the site is down. Tank Agent is closer to a part-time security operations team: it reasons about posture drift (headers, certificates, DNS, change), drafts the reports an auditor or executive will ask for, and routes you to a human analyst when the situation warrants one.
Customer data is stored in Canada, scoped per tenant, and accessible only to your account and the named Forensic Five analysts on your engagement. The full data-handling posture is documented in your service agreement before you pay anything.
Monthly tiers cancel at the end of the billing period. Annual prepay is non-refundable past the first 30 days — which is also when you’ll have decided whether the monthly recap is worth the line item.
Not at launch — we want pricing and operations stable first. Agencies can run client sites under the Defend tier today and we’ll co-design the white-label path with the first few partners that ask for it.
Tell us what you’d want Tank Agent watching. We’ll respond with the scoped offer that matches — not a marketing sequence.