Pricing alternative to Intruder

What middleBrick covers

  • Black-box scanning with no agents, code access, or SDK integration
  • Under one minute scan time with prioritized findings
  • 12 OWASP API Top 10 (2023) detection categories
  • OpenAPI 3.0/3.1 and Swagger 2.0 parsing with $ref resolution
  • Authenticated scans with header allowlist and domain verification
  • CI/CD integration via GitHub Action and MCP Server

Pricing model and total cost of ownership

Intruder positions itself as a scanner with per-seat pricing and add-ons for larger portfolios. middleBrick uses a capacity-based model with tiers aligned to the number of APIs you own. The Free tier is zero-cost and supports basic scans from the CLI. The Starter tier at 99 dollars per month includes 15 APIs, a dashboard, email alerts, and the MCP Server. The Pro tier at 499 dollars per month covers 100 APIs, with additional APIs billed at 7 dollars each, plus continuous monitoring and CI/CD integration. Enterprise plans are priced at 2000 dollars per month and above for unlimited APIs, custom rules, and dedicated support.

Feature coverage versus Intruder

Intruder offers broad vulnerability categories and scheduled scans. middleBrick maps findings to PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10 (2023), and helps you prepare for other frameworks through alignment with security controls described in relevant standards. It includes black-box scanning with no agents or SDKs, under one minute scan time, read-only methods, and support for Bearer, API key, Basic auth, and Cookie authentication. Continuous monitoring in Pro delivers scheduled rescans every six hours, daily, weekly, or monthly, with diff detection and email alerts rate-limited to one per hour per API. HMAC-SHA256 signed webhooks notify external systems, auto-disabling after five consecutive failures.
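The HMAC-SHA256 webhook signing and the five-consecutive-failure auto-disable described above, as an added illustration that is not middleBrick's own code: the header name, hex encoding and sample payload are assumptions, since the page does not document the actual webhook format.

```python
import hashlib
import hmac
import json

# Header name and hex encoding are assumptions for this example; the page
# does not document middleBrick's real webhook header format.
SIGNATURE_HEADER = "X-Signature"
MAX_CONSECUTIVE_FAILURES = 5  # the auto-disable threshold stated on the page


def sign_payload(secret: bytes, body: bytes) -> str:
    """Sender side: HMAC-SHA256 over the raw request body, hex-encoded."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_webhook(secret: bytes, body: bytes, headers: dict) -> bool:
    """Receiver side: recompute the MAC over the exact bytes received and
    compare in constant time so a mismatch does not leak timing information."""
    presented = headers.get(SIGNATURE_HEADER, "")
    expected = sign_payload(secret, body)
    return hmac.compare_digest(expected, presented)


class WebhookEndpoint:
    """Tracks delivery outcomes for one external endpoint: disables it after
    five consecutive failures and resets the counter on any success."""

    def __init__(self, url: str):
        self.url = url
        self.consecutive_failures = 0
        self.enabled = True

    def record_delivery(self, succeeded: bool) -> bool:
        """Record one delivery attempt; returns whether the endpoint stays enabled."""
        if not self.enabled:
            return False
        if succeeded:
            self.consecutive_failures = 0
        else:
            self.consecutive_failures += 1
            if self.consecutive_failures >= MAX_CONSECUTIVE_FAILURES:
                self.enabled = False
        return self.enabled


# Constructed sample event and secret (not a real middleBrick payload).
SECRET = b"constructed-shared-secret"
EVENT = json.dumps({"api": "payments", "new_findings": 2, "score": 71}).encode()
HEADERS = {SIGNATURE_HEADER: sign_payload(SECRET, EVENT)}

if __name__ == "__main__":
    print("valid:", verify_webhook(SECRET, EVENT, HEADERS))
    print("tampered:", verify_webhook(SECRET, EVENT + b" ", HEADERS))
```

Verify against the raw body bytes before parsing JSON; re-serialising the parsed object can change whitespace or key order and break the MAC.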

Detection capabilities and scope

middleBrick detects issues across 12 categories aligned to OWASP API Top 10 (2023), including authentication bypass, JWT misconfigurations such as alg=none and expired tokens, BOLA and IDOR via adjacent ID probing, BFLA and privilege escalation through admin endpoint exploration, and property over-exposure. It identifies input validation issues like CORS wildcards and dangerous HTTP methods, rate-limit header presence, and data exposure patterns including emails, Luhn-validated card numbers, context-aware SSNs, and API key formats for AWS, Stripe, GitHub, and Slack. Error and stack-trace leakage, missing versioning, webhook surfaces, and LLM-specific adversarial probes are also covered. The scanner parses OpenAPI 3.0, 3.1, and Swagger 2.0 with recursive $ref resolution and cross-references spec definitions against runtime findings.

Limitations and constraints

middleBrick is a scanner and does not fix, patch, block, or remediate findings. It does not perform active SQL injection or command injection testing, which requires intrusive payloads outside its scope. Business logic vulnerabilities are not detected, as they require domain context best handled by human assessors. Blind SSRF is out of scope due to the absence of out-of-band infrastructure verification. The tool does not replace a human pentester for high-stakes audits. Private IPs, localhost, and cloud metadata endpoints are blocked at multiple layers, and customer data is deletable on demand and purged within 30 days of cancellation.

Integration and deployment options

For teams already using CI/CD, the GitHub Action enforces a score threshold and fails the build when security posture degrades. The CLI provides terminal access via the middlebrick scan command, with JSON or text output for scripting. The MCP Server enables scanning from AI coding assistants such as Claude and Cursor. The Web Dashboard centralizes scans, report downloads, and score trend tracking, with branded compliance PDFs available for Pro and Enterprise tiers.

Frequently Asked Questions

Does middleBrick offer a free plan?
Yes. The Free tier costs zero dollars and allows 3 scans per month with CLI access. No credit card is required to get started.
How does authentication work in paid tiers?
Bearer, API key, Basic auth, and Cookie authentication are supported. Domain verification via DNS TXT record or an HTTP well-known file ensures only the domain owner can scan with credentials.
What happens to my scan data when I cancel?
Customer data is deletable on demand and is purged within 30 days of cancellation. Scans are never sold and are not used for model training.
Can it replace a human penetration test?
No. The tool detects and reports findings with remediation guidance, but it does not replace a human pentester for high-stakes audits or business logic testing.
How are new findings tracked over time?
Pro tier scans are scheduled at intervals such as every 6 hours, daily, weekly, or monthly. Diff detection highlights new findings, resolved findings, and score drift, with alerts rate-limited to one per hour per API.