Pentest Credits

Empower teams to take charge of application security with a credit system, simplifying budgeting, and enabling teams to choose when and how to schedule pentests   

How it works

Simplifying pentests means simplifying budgets and payments. That’s why we utilize a credit system. Set cybersecurity budgets for the year, purchase credits, and empower teams to plan, schedule, and start pentests in line with development cycles and updates – without delays for finance and budgeting. With finance teams saving time, development teams taking ownership of pentesting and cybersecurity, and pentests integrating more seamlessly into existing Agile cycles, everyone wins.  

How Does Pricing Work?

Our simple pentest pricing is based on Scale + Scan Level.


Deep Scanning

Select the Scan level for your pentest at OWASP10 blackbox, ASVS L1 blackbox, or ASVS L2 greybox  

Set the scale of your pentest, choose the compliance level, and get started with completely transparent pricing and timelines.


Automatically retest findings following remediation to ensure fixes work. PentestHero delivers complimentary retesting with every pentest package, to ensure your team has everything it needs to fix vulnerabilities and stay secure. Developers can request retests directly through our platform, for truly collaborative pentesting.

How many credits do i need?

All pentests are priced based on two factors; the size and complexity of the website or application and the depth of testing. This two-factor pricing model is based on time-investment and the number of hackers needed to complete a pentest. If you’re unsure after reviewing our credit table, contact us for more information and a custom quote.  

Volume credits 

Cut costs across large projects with volume credit discounts. Organizations with multiple digital assets, or those budgeting for the year, can commit to a larger number of pentests at once, allowing us to offer a discount based on total volume of work. This allows us to better-serve larger organizations, while fitting more neatly into agile cycles for stronger security at a better price. 

How secure is your organization?