Security That Fits Where You Are
Every engagement includes free retesting and a dedicated client portal. Contact us for a custom quote tailored to your environment.
Individual Services
Pick exactly the services you need. Every engagement includes free retesting. Contact us for a custom quote.
| Service | Scope | Price | Duration |
| --- | --- | --- | --- |
| Vibe Coding Review | AI-generated & vibe-coded app security review | Get a Quote | 2-5 days |
| Code Review | Manual + automated source code analysis, SAST triage | Get a Quote | 3-5 days |
| Web Application Pentest | OWASP Top 10, business logic, auth & session | Get a Quote | 1-2 weeks |
| API Penetration Testing | REST, GraphQL, gRPC — OWASP API Top 10 | Get a Quote | 1-2 weeks |
| Network / Infrastructure | Internal & external, credential & relay attacks, lateral movement | Get a Quote | 1-3 weeks |
| Mobile App Pentest | iOS & Android, OWASP MASVS, runtime manipulation | Get a Quote | 1-2 weeks |
| Cloud Pentesting | AWS, Azure, GCP — IAM, storage, serverless | Get a Quote | 2-3 weeks |
| Active Directory | Domain escalation, Kerberoasting, BloodHound attack paths | Get a Quote | 2-3 weeks |
| Container & Kubernetes | Container escape, RBAC misconfig, image & registry | Get a Quote | 1-2 weeks |
| SOC 2 Pentest | Trust Services Criteria mapping, audit-ready format | Get a Quote | 1-2 weeks |
| GLBA Pentest | Safeguards Rule, customer data protection | Get a Quote | 1-2 weeks |
| GDPR Pentest | EU data protection controls, breach risk assessment | Get a Quote | 1-2 weeks |
| ISO 27001 Pentest | Annex A control effectiveness testing | Get a Quote | 2-3 weeks |
| HIPAA Pentest | ePHI validation, technical safeguard testing | Get a Quote | 2-3 weeks |
| NIST CSF Pentest | Identify, Protect, Detect framework alignment | Get a Quote | 2-3 weeks |
| NIS2 Pentest | EU critical sectors, incident response review | Get a Quote | 2-3 weeks |
| HITRUST Pentest | CSF control testing for healthcare & finance | Get a Quote | 2-3 weeks |
| PCI-DSS Pentest | Req. 11.3 compliant, segmentation testing, QSA-accepted | Get a Quote | 2-3 weeks |
| SOX Pentest | ITGC security testing for public companies | Get a Quote | 2-3 weeks |
| CMMC Pentest | Level 2 & 3 testing, CUI boundary validation | Get a Quote | 2-3 weeks |
| FedRAMP Pentest | NIST 800-53 controls, ATO package support | Get a Quote | 3-4 weeks |
Also available: DORA, CCPA, CASA/MASA, CIS Controls, and more.
| Service | Scope | Price | Duration |
| --- | --- | --- | --- |
| Social Engineering | Phishing, vishing campaigns, employee analytics | Get a Quote | 2-4 weeks |
| Wireless Pentesting | Evil twin, rogue AP, WPA2-Enterprise, Bluetooth & RF | Get a Quote | 3-5 days |
| Thick Client Testing | Desktop apps — binary, memory, IPC analysis | Get a Quote | 1-2 weeks |
| AI Agent Pentest | LLMs, prompt injection, RAG attacks, OWASP LLM Top 10 | Get a Quote | 1-2 weeks |
| Physical Pentesting | Badge cloning, tailgating, lock bypass, insider simulation | Get a Quote | 1-2 weeks |
| Smart Contract Audit | Web3/DeFi — code review, economic attacks, flash loans | Get a Quote | 1-3 weeks |
| IoT & Hardware | Firmware extraction, UART/JTAG/SPI, wireless protocols | Get a Quote | 2-4 weeks |
| ATM & Banking Terminal | Physical security, firmware audit, PCI PTS, skimming | Get a Quote | 2-3 weeks |
| Red Team Operations | Full adversary simulation, physical + digital, custom TTPs | Get a Quote | 4-8 weeks |
| Attack Surface Management | Continuous asset discovery, vulnerability scanning, alerts | Get a Quote | Ongoing |
| ASM Professional | Everything in ASM + executive reports, integrations, account manager | Get a Quote | Ongoing |
| Access Reviews | User entitlements, least-privilege gaps, stale accounts | Get a Quote | 2-5 days |
| Vulnerability Management | Continuous scanning, prioritized remediation, SLA-backed | Get a Quote | Ongoing |
| Patch Management | Automated deployment, risk-based prioritization, rollback | Get a Quote | Ongoing |
Save Big with an Annual Program
Most companies save significantly by bundling. Each includes testing hours, retesting, client portal, and dedicated account management.
Offensive Security
Find and fix vulnerabilities before attackers do
- 2x Web Application Pentests
- 1x Network / Infrastructure Pentest
- 1x API Security Assessment
- 160 testing hours / year
- 24 retesting hours included
- Attack Surface Management
- Quarterly Vulnerability Scanning
- Client Portal & Remediation Tracking
Defensive Security
24/7 monitoring, detection, and incident response
- SOC as a Service (24/7/365)
- SIEM & Log Management
- Endpoint Detection & Response
- Incident Response Retainer
- Attack Surface Management
- Threat Intelligence Feed
- Monthly Security Reports
Compliance Package
Get audit-ready and stay compliant with Anchorpoint
- Compliance Pentest (SOC 2, ISO, or PCI)
- Gap Assessment & Readiness Review
- Policy & Procedure Templates
- 80 testing hours / year
- 16 retesting hours included
- Continuous Compliance Monitoring
- Quarterly Security Reviews
- Add Vanta/Drata (ask for details)
Need everything? The Full Stack Bundle combines offensive + defensive + compliance for maximum savings. Contact us for details.
What Affects Pricing?
Every engagement is scoped individually based on your environment. Here's what we look at.
Scope & Complexity
Number of endpoints, user roles, integrations, and application size directly affect testing time and cost.
Testing Approach
Black box (no access), gray box (partial), or white box (full source) — each requires different effort.
Compliance Requirements
SOC 2, PCI-DSS, HIPAA, and other frameworks require additional testing controls and specialized reporting.
Pricing FAQ
How much does a penetration test cost?
Is retesting included?
Do you offer startup or bundle pricing?
What's included in the Compliance Package Vanta add-on?
What do I get in the report?
How quickly can you start?
Ready to Get Started?
Book a free scoping call to talk through your needs with a security engineer and get a custom quote.