ezotech.net

What It Is

EzoTech’s Tanuki Pentesting Platform is a SaaS platform designed for penetration testing scenarios. The official site describes it as the “world's first autonomous, AI powered pentesting platform.” Its core value proposition is the use of patented technology to let users launch a complete NIST compliant penetration test with “one click,” while gaining continuous, on-demand insight into their security posture.

Core Capabilities and Security Coverage

In terms of protection category, this is not a traditional firewall, EDR, or WAF. It is closer to an automated penetration testing platform focused on offensive validation and security assessment, suitable for discovering exposed attack surfaces, validating the effectiveness of defenses, and supplementing human red-team capabilities. For deployment, the text explicitly describes it as a SaaS solution and emphasizes that tests can be launched from around the world. On compliance, the only visible claim is NIST compliant penetration test; there is no disclosure of the platform’s own certifications such as SOC 2, ISO 27001, or GDPR. For management and alerting, the site only mentions gaining security posture insight, without clarifying whether it supports dashboards, report exports, alert notifications, ticket workflows, or SIEM integration. Integration capabilities are also not covered in the available text.

Pricing and Commercial Information

The crawled website content does not show pricing, plans, free trials, asset-based billing, test-count-based billing, or similar details. It only provides a Request Demo entry point. Before procurement, buyers should therefore confirm the test scope, asset authorization model, sample reports, false-positive handling, data retention, and liability boundaries through a demo.

Pros and Cons

The advantages are its clear positioning, with an emphasis on automation, AI-driven testing, on-demand execution, and continuous security posture insight. This can be attractive to teams that lack in-house penetration testing resources. The NIST compliance wording may also help with compliance communication. The downside is that the public information is fairly marketing-oriented, with limited technical detail, integration documentation, pricing, or service support commitments, making it difficult to judge testing depth and stability based on the website alone.

Who It’s For and Access from China

It is better suited to mid-sized and large enterprises, startup security teams, compliance-driven organizations, and security professionals that need continuous penetration testing. For access from China, the available text only shows connection verification information, so it is not possible to determine whether direct access is stable. Payment methods are also unknown. If deploying in China, it is advisable to evaluate local alternatives as well, such as Chaitin Tech, Knownsec, DBAPPSecurity, and NSFOCUS, to meet local network, contract, payment, and compliance requirements.