Penetration Testing

Pen testing that’s built to be actionable.

Human-led, AI-augmented. White-glove delivery with customized engagement parameters, clear reporting, and a retest included to validate fixes.

Important: No single penetration test fits every organization. We tailor scope, depth, and constraints to your systems, risk tolerance, and objectives.

Maturity

What “mature” penetration testing looks like

We focus on reducing real-world risk—not just generating findings. That means clarity before testing, safe execution during testing, and measurable validation after remediation.

Customized Engagement Parameters

Every assessment begins with a scoping workshop and a written Rules of Engagement: targets, exclusions, windows, escalation, and safety constraints.

Human-led, AI-augmented (Disclosed)

We use AI to accelerate pattern discovery and documentation, but every finding is verified by a human tester. AI assistance is disclosed.

Retest Included

One retest is included to validate remediation. You get an updated validation summary you can share with leadership and auditors.

Coverage

Test types

Select one test—or combine them into an annual program. We’ll tailor depth and realism to your goals.

Application

Web App Penetration Testing

  • Business logic + auth/authorization testing
  • OWASP-style control verification
  • Role-based testing (multiple user roles)

API

API Penetration Testing

  • Auth, token, and object-level access controls
  • Rate-limits, abuse cases, and data exposure
  • Modern API patterns (REST/GraphQL)

External

External Network Pen Test

  • Internet-facing assets & misconfigurations
  • Exploitation validation where appropriate
  • Attack path narratives for leadership

Internal

Internal Network / Active Directory

  • Lateral movement and privilege escalation (if approved)
  • Identity, segmentation, and admin pathways
  • Clear “attack chain” documentation

Cloud

Cloud & Identity Testing

  • Azure/AWS posture and identity workflows
  • Configuration review tied to real exploit paths
  • Zero Trust verification

Optional

Wireless / Social Engineering

  • Clearly scoped, opt-in only
  • Safety controls + comms plan
  • Actionable training outcomes

White glove

Our engagement flow

A clean process reduces disruption and produces better results. We plan, execute safely, report clearly, and validate fixes.

1) Scope & Rules of Engagement

We align on goals, targets, testing windows, constraints, and success criteria. You get written rules of engagement.

2) Execution (Human-led)

Manual testing augmented by tooling and AI-assisted acceleration. We validate impact and avoid unsafe disruption.

3) Reporting & Readout

Executive summary + technical report with evidence and remediation guidance. Optional remediation workshop.

4) Remediation Support

We answer questions, clarify reproduction steps, and provide prioritization guidance for your teams.

5) Retest Included

We validate agreed fixes within the retest window and provide a validation update you can share with stakeholders.

6) Program Options

Annual or quarterly testing programs with consistent KPIs and trending (especially helpful for audits and insurance).

Deliverables

What you receive

Two audiences, one story: leadership clarity and technical actionability.

Executive pack

  • Scope + objectives (what was tested)
  • Risk overview and business impact
  • Top findings with prioritization
  • Program recommendations

Technical report

  • Methodology & test narrative
  • Findings with evidence and reproduction steps
  • Risk scoring (with prioritization guidance)
  • Remediation guidance (config/code level where appropriate)
  • Appendices (assets tested, timestamps, notes)

AI disclosure

Human touch, augmented with AI

We’re transparent about AI usage because trust matters.

What AI may assist with

  • Accelerating pattern discovery and hypothesis generation
  • Cross-referencing known exploit primitives
  • Drafting structured documentation (reviewed by humans)

What AI does not do

  • No “AI-only findings” — every finding is human-verified
  • No unsafe automated exploitation without approval
  • No undisclosed AI contribution to deliverables

Data handling

  • We minimize collection and preserve evidence appropriately
  • No sharing of sensitive customer data with public models without written approval
  • AI assistance can be constrained or opted out by agreement

Fees

Clear and straightforward fee structure

We quote fixed fees based on scope and complexity. No surprises: if scope changes, we use a written change order.

Essentials

Single target (e.g., one web app or external perimeter). Great for annual requirements and vendor assurance.

  • Fixed fee by target type
  • Executive + technical report
  • Retest included

Standard

Multi-surface testing (web + API, or external + internal). Best for organizations with moderate complexity.

  • Role-based testing included
  • Readout with Q&A
  • Retest included

Comprehensive

Higher complexity (internal/AD + cloud + apps) for deeper assurance and board-level clarity.

  • Attack path narrative
  • Optional remediation workshop
  • Retest included

What affects price (and why it matters)

  • Number of targets (apps, APIs, IP ranges) and environments (prod/stage)
  • Authentication complexity (roles, SSO, MFA flows)
  • Testing windows and safety constraints
  • Compliance requirements and reporting format (SOC 2, HIPAA, PCI, etc.)
  • Desired depth: verification, exploitation validation, attack chains

Penetration Testing FAQs

Is a retest included?

Yes. One retest is included within the agreed retest window after remediation is deployed.

Do you test production?

We can, with clear constraints and windows. Many clients prefer staging first; we’ll recommend the safest approach for your risk tolerance.

How do you avoid disruption?

We define safety constraints, escalation contacts, and prohibited actions up front in the Rules of Engagement.

What does AI-augmented mean?

AI helps accelerate research and documentation. All findings are verified by human testers, and AI assistance is disclosed.

Ready to get started?

Call 1-615-601-2479 or request a customized quote.
