Skip to main content
Open a new conversation in the Neo dashboard and tell Neo what to test. Include your target URL, credentials if the application requires authentication, and any specific scope you care about. 
Pentest https://app.staging.yourcompany.com

Credentials:
- Email: test@yourcompany.com
- Password: ••••••••

Focus on authentication, authorization, and any injection points 
in the user-facing flows.
That’s it. Neo takes over from here: it maps the application, plans the assessment, tests across multiple attack vectors, and validates every finding with a working exploit. You can watch the assessment unfold in real time — the tasks Neo creates, the tools it uses, and the reasoning behind each decision. A typical first assessment takes 15–45 minutes depending on the size and complexity of the application.

What You’ll Get Back

When the assessment completes, Neo delivers a set of validated findings. Each one includes:
  • The exact exploit — payload, request, and response that confirmed the vulnerability
  • Reproduction steps — a walkthrough your team can follow to verify it independently
  • Remediation guidance — specific to your codebase, pointing to the files and patterns involved
  • Severity and classification — based on real exploitability and impact, mapped to OWASP and CWE
If Neo connected to your issue tracker during setup, each finding is already created as a trackable issue in Linear or Jira with full evidence attached.

What Comes Next

Your first scan gives you a baseline. From here, Neo can expand into your ongoing development lifecycle:
  • Enable PR reviews to automatically assess every pull request for security issues before it merges. Go to Settings → Automation → PR Reviews.
  • Set up scheduled assessments to continuously test your full stack on a daily or weekly cadence. Go to Automations.
  • Push a fix for any finding and Neo automatically retests to confirm the vulnerability is resolved and monitors for regressions going forward.

Next: Core Concepts

Understand the architecture behind Neo’s assessments: agents, capabilities, memory, and more.