Getting started

Time: 10-15 minutes | Prerequisites: SQUR account, available credits

Welcome to SQUR. This guide walks you through running your first automated pentest from start to finish.

Need an account? Start at app.squr.ai.

Overview

By the end of this guide, you'll have:

• Configured and launched a pentest
• Monitored live testing activity
• Reviewed and managed findings
• Generated a professional security report

---

Quick start (5 minutes)

Fastest path to value:

1. Start a new pentest from the Dashboard
2. Add a primary target URL or domain
3. Confirm scope and click Start Pentest
4. Monitor activity in Active Pentest
5. Use Remediation to review, update status, and retest

---

Step 1: Create Your Pentest

1. Navigate to the Dashboard
2. Click Start New Pentest

3. Configure your test:

   • Target: Enter URLs or domains
   • Scope permissions: Set detection or exploitation per-URL (learn more)
   • Test Accounts: Add test accounts with credentials (learn more)
   • Additional Information (optional)

Allowlisting Required?

If your environment requires allowlisting, permit outbound traffic from these IPs:

• 104.155.20.182
• 34.76.33.170
• 34.22.192.89

See Security for defenders for more details.

Full configuration guide →

Step 2: Start Testing

1. Review consent terms and credit cost
2. Click Start Pentest

Testing starts immediately. You can pause at any time, but it may change the discovery path.

Full guide on pentest controls →

What to expect after starting

• Active Pentest shows live progress and activity.
• Remediation fills with findings as they are discovered.
• Reports appear after the pentest completes.

Step 3: Monitor Progress

Open Active Pentest to watch:

• Live attack vectors being tested
• Real-time finding discoveries
• Testing status and progress

You can monitor your pentest while it runs and see findings as they're discovered.

Full guide on active pentests →

Step 4: Manage Findings

In the Remediation tab:

• Review each finding's details
• Change status with justification
• View finding history and duplicates
• Request retests after fixes (learn more)

Full guide on managing findings →

Step 5: Generate Report

1. Go to Reports
2. Select level: Executive, Audit, Technical, or Full (learn more)
3. Download PDF

Different report levels serve different audiences, from executives to technical security teams.

Full guide on reports →

---

Next Steps

• Understand the pentest lifecycle
• See how SQUR works
• Learn about finding severity levels
• Follow the remediation workflow
• Common tasks
• Set up organization users and roles
• Manage billing and credits

Need Help?

• FAQ
• Troubleshooting