Pentest Credits
Empower teams to take charge of application security with a credit system, simplifying budgeting, and enabling teams to choose when and how to schedule pentests.
How it works
Simplifying pentests means simplifying budgets and payments. That’s why we utilize a credit system. Set cybersecurity budgets for the year, purchase credits, and empower teams to plan, schedule, and start pentests in line with development cycles and updates – without delays for finance and budgeting. With finance teams saving time, development teams taking ownership of pentesting and cybersecurity, and pentests integrating more seamlessly into existing Agile cycles, everyone wins.

How Does Pricing Work?
Our simple pentest pricing is based on Size + Scan Level. We want to help you along your security journey: from Awareness to Secured and Impenetrable.
Level 1 - Awareness
Small
Basic Website
2 Credits
Medium
Webapplication
3 Credits
Large
Enterprise App
4 Credits
Upgrade to Level 2 -1 Credit
Yearly subscription -1 Credits
Level 2 - Secured
Small
Basic Website
4 Credits
Medium
Webapplication
8 Credits
Large
Enterprise App
12 Credits
Upgrade to Level 3 -1 Credit
Yearly subscription -1 Credits
Level 3 - Advanced
Small
Basic Website
8 Credits
Medium
Webapplication
16 Credits
Large
Enterprise App
20 Credits
Yearly subscription -3 Credits
Add-ons
Compliance
+2 Credits
Code Review
+8 Credits
Small
Basic Website
Medium
Webapplication
Large
Enterprise App
Level 1 - Awareness
Manual vs Automation
Pentest Process
50 % / 50 %
Basic automated testing for common issues like XSS /SQLiOWASP OTG v4
Pentest Methodology
Partial
OWASP ASVS Level
Pentest Methodology
Level 1
OWASP TOP 10
Pentest Report
Yes
Pentest Platform
Collaboration and Reporting
Full access
Duration
Testing time
2 days
Level 2 - Secured
Manual vs Automation
Pentest Process
70 % / 30 %
Extensive manual research customized for the siteOWASP OTG v4
Pentest Methodology
Full
OWASP ASVS Level
Pentest Methodology
Level 2
OWASP TOP 10
Pentest Report
Yes
Pentest Platform
Collaboration and Reporting
Full access
Duration
Testing time
3-5 days
Level 3 - Advanced
Manual vs Automation
Pentest Process
80 % / 20 %
Custom scripts and manual researchOWASP OTG v4
Pentest Methodology
Full
OWASP ASVS Level
Pentest Methodology
Level 2
OWASP TOP 10
Pentest Report
Yes
Pentest Platform
Collaboration and Reporting
Full access
Duration
Testing time
5+ days
Manual vs Automation
Pentest Process
OWASP OTG v4
Pentest Methodology
OWASP ASVS Level
Pentest Methodology
OWASP TOP 10
Pentest Report
Pentest Platform
Collaboration and Reporting
Duration
Testing time
Retesting
Automatically retest findings following remediation to ensure fixes work. PentestHero delivers complimentary retesting with every pentest package, to ensure your team has everything it needs to fix vulnerabilities and stay secure. Developers can request retests directly through our platform, for truly collaborative pentesting.


How many credits do i need?
All pentests are priced based on two factors; the size and complexity of the website or application and the depth of testing. This two-factor pricing model is based on time-investment and the number of hackers needed to complete a pentest. If you’re unsure after reviewing our credit table, contact us for more information and a custom quote.
Volume credits
Cut costs across large projects with volume credit discounts. Organizations with multiple digital assets, or those budgeting for the year, can commit to a larger number of pentests at once, allowing us to offer a discount based on total volume of work. This allows us to better-serve larger organizations, while fitting more neatly into agile cycles for stronger security at a better price.
