Question 1

What is an API endpoint?

Accepted Answer

An API endpoint is a specific URL combined with an HTTP method (GET, POST, PUT, DELETE). Each endpoint represents a unique function or resource of the API.

Question 2

How are the number of API endpoints calculated?

Accepted Answer

By counting each unique combination of method and URL. `GET /users` and `POST /users` count as two endpoints. Path parameters (`/users/{id}`) count once.

Question 3

What's a license?

Accepted Answer

One license = one person who runs scans. Three people scanning = three licenses (no sharing). Each license includes unlimited scans and unlimited endpoints, on-prem on every plan.

Question 4

Can licenses be shared between admins?

Accepted Answer

No. Each person who runs scans needs their own license. Sharing breaks the audit log and the licence.

Question 5

How can I start a free trial for a paid plan?

Accepted Answer

No free trial today. Licenses are affordable and scale per person who runs scans, so they fit teams of any size. Students get 10% off the first year.

Question 6

How much scale can BugDazz API Scanner handle?

Accepted Answer

Built for high-performance production environments. As an on-prem solution, scale follows the host. Reference point: 60 endpoints on an 8 GB / 8-core VM completes an authenticated OWASP API Top 10 + business-logic scan in 5 minutes.

Question 7

How long does a test run take?

Accepted Answer

Seconds to a few minutes for most APIs. Even thousands of endpoints typically finish in under an hour. Final time depends on host capacity, auth depth, and whether business-logic flows are enabled.

Question 8

Do software upgrades cost money?

Accepted Answer

No. Licensed software includes every version released during your subscription period. Versions released after the subscription can still be upgraded later on a new term.

Question 9

What happens if my subscription lapses?

Accepted Answer

All existing scan results stay intact and exportable. New scans require an active licence. No data is deleted.

Question 10

What does pentester support mean?

Accepted Answer

SecureLayer7 is a CREST-accredited offensive-security company. The same researchers who publish 9.4-9.9 CVSS CVEs help Enterprise customers reproduce, prioritise, and fix the findings the scanner raises. No separate retainer.

Capability	Standard	Enterprise
Scope & users
Number of scans	Unlimited	Unlimited
Number of endpoints	Unlimited	Unlimited
Scan users	1-4	Custom
User management (RBAC)
APIs supported
REST APIs
SOAP APIs
Test library
Authenticated scans
Unauthenticated scans
OWASP API Top 10 coverage
Business-logic test cases
LLM test cases
Custom YAML test templates
Integrations
Burp Suite · Postman import	Upcoming
CI/CD (Jenkins, GitHub, GitLab)
API gateway tools	Upcoming
Slack · Teams
Jira
ServiceNow	Upcoming
GPT for custom test cases	Upcoming
SSO, SAML / OIDC
Support
Pentester remediation support
Discord channel support
Email support

API scanning, tailored for every growth stage.

Unlimited scans, unlimited endpoints, on-prem on every plan. Two tiers: Standard for a team, Enterprise for the org.

Pay per license. Unlimited scans.

Every capability, on one screen.

What buyers askbefore they sign.

Trial, scale & runtime

Upgrades & lapses

Buy a license. Be scanning in under an hour.