Pentest Credits

Empower teams to take charge of application security with a credit system, simplifying budgeting, and enabling teams to choose when and how to schedule pentests   

How it works

Simplifying pentests means simplifying budgets and payments. That’s why we utilize a credit system. Set cybersecurity budgets for the year, purchase credits, and empower teams to plan, schedule, and start pentests in line with development cycles and updates – without delays for finance and budgeting. With finance teams saving time, development teams taking ownership of pentesting and cybersecurity, and pentests integrating more seamlessly into existing Agile cycles, everyone wins.  

How Does Pricing Work?

Our simple pentest pricing is based on Scale + Scan Level.

 

Small

credits2
  • Simple websites
  • CMS (Joomla, WordPress, etc)
  • Static data and file uploads
  • 1 Host (1 website)
  • Extra Host: +1 credit

Medium

credits3
  • Dynamic websites, API, Mobile app
  • Simple SaaS applications
  • Database backend
  • 1 Host included (1 URL/IP)
  • Extra Host: +1 credit

Large

credits4
  • Large SaaS applications
  • Large customer base
  • On-premise / Public cloud
  • 1 Host included (1 url / ip)
  • Extra Host: +2 credit

Deep Scanning

Select the Scan level for your pentest at OWASP10 blackbox, ASVS L1 blackbox, or ASVS L2 greybox  

Basic Scan

Owasp Top 10
credits+0
  • Standard Compliance
  • Owasp Top 10 Checklist
  • Black-box
  • 1 Ethical Hacker

Standard Scan

OWASP ASVS L1
credits+1
  • Standard Compliance
  • ASVS Level 1 Checklist
  • Black-box
  • 1 Ethical Hacker

Deep Scan

OWASP L2
credits+2
  • Advanced Compliance
  • ASVS Level 2 Checklist
  • Gray-box
  • 2 Ethical Hacker
Set the scale of your pentest, choose the compliance level, and get started with completely transparent pricing and timelines.
Start a Pentest

Retesting

Automatically retest findings following remediation to ensure fixes work. PentestHero delivers complimentary retesting with every pentest package, to ensure your team has everything it needs to fix vulnerabilities and stay secure. Developers can request retests directly through our platform, for truly collaborative pentesting.

Contact us

How many credits do i need?

All pentests are priced based on two factors; the size and complexity of the website or application and the depth of testing. This two-factor pricing model is based on time-investment and the number of hackers needed to complete a pentest. If you’re unsure after reviewing our credit table, contact us for more information and a custom quote.  

Contact us

Volume credits 

Cut costs across large projects with volume credit discounts. Organizations with multiple digital assets, or those budgeting for the year, can commit to a larger number of pentests at once, allowing us to offer a discount based on total volume of work. This allows us to better-serve larger organizations, while fitting more neatly into agile cycles for stronger security at a better price. 

Contact us

How secure is your organization?

Start Your Pentest