Frequently Asked Questions

Automated scanners run scripted tests and can't adapt to defenses or reason about business logic. S6 Spectra uses multi-agent orchestration and cyclic reasoning graphs so agents can plan reconnaissance, adapt to defensive responses, and explain why they selected each test. It is built for authorized assessment workflows, not one-size-fits-all scanner runs.

Cloud deployment with H100 GPUs delivers maximum speed for organizations wanting fastest possible assessments. On-premise runs at reduced speed but is entirely sufficient for scheduled penetration testing during maintenance windows—many scheduled engagements complete testing in hours, not days. For air-gapped and classified environments, on-premise is the only option and provides complete data sovereignty.

No. S6 Spectra is designed for security teams, not data scientists. You define testing scope and objectives in plain language. The agentic AI handles methodology, tool selection, and execution autonomously. Reports are readable by security professionals without AI expertise.

ScopeGuard is our unique rules of engagement enforcement system. It validates every agent action against defined scope in real-time, automatically pausing missions if violations are detected. This prevents autonomous agents from testing unauthorized systems—critical for production environments and regulated industries.

Traditional engagements can be hard to verify after the report arrives: what was tested, what was skipped, and which evidence supports each finding. S6 Spectra logs tests, methodology, and findings so teams can review the assessment path, challenge weak evidence, and repeat testing when the application changes.

Yes. S6 Spectra supports air-gapped deployment with local LLM hosting and no external network dependency for core testing. That design suits classified, restricted-network, and strict data-sovereignty environments where cloud assessment tools are not acceptable.

We contribute security tools to the community under appropriate licenses at github.com/s6securitylabs. Enterprise products like Spectra maintain proprietary IP while leveraging vetted open source components. All dependencies are disclosed with Software Bill of Materials (SBOM) documentation.

S6 Spectra is designed with SOC 2-aligned controls and audit evidence collection. Findings can map to NIST, OWASP, and MITRE ATT&CK frameworks. HIPAA, PCI-DSS, and government requirements are supported through deployment configuration and roadmap planning where applicable.

Annual subscription based on testing scope and deployment type. On-premise deployment includes licensing for local LLM usage. Cloud deployment offers managed infrastructure. Contact sales for custom pricing based on your environment and requirements.

Minimum: Modern server with GPU (e.g., NVIDIA RTX 4090 or higher). Recommended: Dedicated testing environment isolated from production. Storage for test artifacts and forensic logs. Network access to target systems within scope. We'll help you size infrastructure during the implementation planning phase.

On-premise: 1-2 weeks including installation, scope configuration, and initial testing. Cloud: 3-5 days for provisioning and scope setup. Includes training for your security team on mission planning and report interpretation.

Enterprise support includes technical support, onboarding, review sessions, escalation for complex findings, and a path for priority feature requests. Training and onboarding are included.