Know your attack surface before attackers do

Enter your domain names. SEAMUS discovers the rest — subdomains, open ports, vulnerabilities, expiring certificates — and monitors them continuously with AI-powered analysis.

$1,000/yr — not $300/month forever. 2-week free trial, no credit card.

EASM shouldn't cost $3,600/year or take weeks to set up

Without SEAMUS

  • SaaS EASM tools cost $300–500/month — and you never own the data
  • DIY scanning is fragile — stitching Amass, Nuclei, and ZAP together takes weeks
  • No one reviews raw scan output — thousands of lines of JSON that sit unread
  • Compliance auditors want evidence — "we scan sometimes" doesn't cut it

With SEAMUS

  • $1,000 first year, $500/yr renewal — a fraction of what SaaS EASM costs
  • Just add your domains — SEAMUS autodiscovers subdomains, ports, and services daily
  • AI reads your scans for you — analyzes results, flags anomalies, explains CVEs in plain English
  • Compliance evidence — hash-chained audit log, SOC 2 & ISO 27001 control mapping

An orchestration platform, not just a scanner

We evaluate, select, install, and integrate the best open-source security tools into a tested, turnkey platform — then add AI analysis, a management Console, compliance tooling, and enterprise-grade reporting on top. The underlying tools are free. What you pay for is the curation, orchestration, and everything that makes them work together.

SEAMUS Console

A web-based command center with an integrated investigation workflow. Filter findings by severity, expand any vulnerability to see every affected URL and attack payload, then click one button to get an AI analysis or mark it as a false positive. Configuration, documentation, compliance, and exclusion management — all in one place.

AI-Guided Investigation

Click any finding and ask the AI: "Is this real?" SEAMUS sends the full vulnerability context — including attack payloads, affected endpoints, and remediation guidance — to Claude, who explains the risk, assesses true vs. false positive, and recommends what to do next. Built into the Console, not a separate tool.

Automatic Discovery

Add your root domains — SEAMUS finds the rest. Subdomains, open ports, running services, and web apps are discovered automatically. New assets are detected daily, so forgotten infrastructure doesn't stay forgotten.

Multi-Format Reports

HTML for review, Markdown for git, PDF for executives, CSV for SIEM import. Four report formats generated automatically after every scan.

7-Channel Notifications

Google Chat, Slack, Microsoft Teams, Discord, email, webhooks, and custom scripts. Topic-tagged alerts for weekly summaries, discoveries, criticals, and cert expiry.

Compliance & Audit

SHA-256 hash-chained audit log, SOC 2 and ISO 27001 control mapping, tool validation reports. Designed to satisfy audit evidence requirements.

Self-Hosted, Your Data

Runs on your infrastructure via Docker or Podman. No data leaves your network. No vendor lock-in. Scans keep running even without a license.

From zero to monitoring in minutes, not weeks

SEAMUS runs on Docker or Podman. Works on Linux and Windows (WSL2).

Configure

Run ./seamus setup. Add your root domain names — that's it. SEAMUS autodiscovers subdomains and infrastructure from there.

Deploy

Run ./seamus up. Three containers start: the scanner, the Console, and Uptime Kuma for availability monitoring.

Scan

Scans run automatically on your schedule. Daily discovery, weekly deep scans, DAST, and SSL cert monitoring — all out of the box.

Review

Open the SEAMUS Console. Filter by severity, expand any finding to see details and attack payloads, then click to get an AI explanation — or mark it as a false positive with one click.

Resolve

AI tells you whether each finding is real or a false positive, explains the risk in plain language, and gives you exact steps to fix it. Fix what's real, exclude what isn't. Your next scan reflects the changes.

AI-powered analysis, reviewing every scan

To our knowledge, no competing self-hosted EASM tool currently offers integrated AI analysis (as of April 2026). SEAMUS turns raw scan data into actionable insight automatically.

What the AI does

  • Finding investigation — click any vulnerability finding and the AI receives the full context: severity, CWE, every affected URL, attack payloads, and remediation guidance. It explains the risk, assesses whether it's a true positive or false positive, and tells you exactly what to do
  • Weekly digest — natural-language summary of your attack surface, delivered to your chat channel
  • Anomaly detection — flags new hosts, unexpected ports, and trend changes after weeks of stability
  • CVE explainer — plain-English vulnerability explanations with remediation steps and false positive assessment
  • Console chat — ask questions about your scan data, configuration, or security posture directly in the web UI

── You clicked "Chat about this finding" on a SQL Injection alert ──

Finding: SQL Injection (High) on app.example.com
Instances: 6 endpoints, POST to /login and /api/auth

This is likely a false positive. The application is behind Cloudflare WAF with SQL injection rules active. ZAP's automated payloads would be blocked at the edge before reaching your application.

To verify: Check your Cloudflare WAF event log for blocked requests during the scan window. If blocks are present, this confirms the WAF is protecting the endpoint.

Recommendation: Mark as false positive with reason "Cloudflare WAF active." Set a 90-day expiry so SEAMUS re-checks after your next WAF rule update.

$1,000/yr — not $300/month forever

Simple, transparent pricing. No per-asset fees. No monthly drain. No sales call required.

MSP / Enterprise

Coming Soon
Multi-tenant support for service providers
  • Everything in Professional
  • Multi-tenant support
  • Per-client configurations
  • Volume licensing
  • Priority support

Interested? Let us know and we'll notify you when it's available.


Questions to ask before you buy

Whether you choose SEAMUS or something else, these are the questions that separate good EASM tools from expensive disappointments.

What does it actually cost per year?

Many EASM vendors require a sales call to get pricing. Others quote monthly rates that add up to thousands annually. Look for published pricing with no surprises.

SEAMUS: $1,000 first year, $500/yr renewal — published right here, no sales call.

Are there per-asset or per-domain fees?

Some vendors charge by the number of assets, domains, or IPs you monitor. That means your cost grows as your attack surface grows — exactly when you can least afford surprises.

SEAMUS: No per-asset fees. Scan everything you own.

Can it run on your infrastructure?

Most EASM tools are SaaS-only. Your scan results, vulnerability details, and infrastructure topology live on the vendor's cloud. If your security policy, compliance requirements, or data sovereignty rules require keeping that data in-house, ask whether a self-hosted option exists.

SEAMUS: Self-hosted by design. Docker or Podman, your network, your data.

What happens to your data if you cancel?

Ask whether you keep access to historical scan data after your subscription ends — or whether it disappears.

SEAMUS: All data stays on your machine. Scans keep running. Your data was never anywhere else.

Is AI analysis included, or is it an add-on?

Some vendors reserve AI-powered features for premium tiers or charge separately. Ask what's included at the base price.

SEAMUS: AI-assisted scan analysis is included in every license. You provide your own API key; typical usage costs ~$1–2/month.

Is there a free trial — without a credit card?

Ask how long the trial lasts, whether it requires a credit card, and whether you get full functionality or a limited demo.

SEAMUS: 14 days, full functionality, no credit card, no restrictions.

What compliance evidence does it produce?

If you need to demonstrate continuous monitoring to auditors, ask what evidence the tool generates. Ask for specifics: audit log format, tamper resistance, framework mappings.

SEAMUS: SHA-256 hash-chained audit log, SOC 2 and ISO 27001 control mapping, tool validation reports — designed for audit evidence requirements.

Who reviews the raw scan output?

Thousands of lines of JSON don't help if nobody reads them. Ask whether the tool summarizes findings, flags what changed, and tells you what to fix first — or whether it just dumps data.

SEAMUS: AI analyzes every scan, delivers plain-English summaries, flags anomalies, and explains CVEs with remediation steps.

Try SEAMUS free for 2 weeks

Full functionality, no credit card required. Your scans keep running and your data is preserved even after the trial ends.

Launching soon. Sign up to get early access.


The tools are free. The assembly is the product.

SEAMUS is built on world-class open-source security tools. Use them yourself, or let us handle the integration.

Amass

Subdomain enumeration and attack surface mapping

github.com/owasp-amass/amass

Nuclei

Fast, template-based vulnerability scanner

github.com/projectdiscovery/nuclei

naabu

Fast port scanning and discovery

github.com/projectdiscovery/naabu

ZAP

Dynamic application security testing (DAST)

zaproxy.org

Uptime Kuma

Uptime monitoring with status pages

github.com/louislam/uptime-kuma

Flask

Python web framework powering the SEAMUS Console

flask.palletsprojects.com