Please explore our pricing plans below. For penetration tests, prices depend on the scope of the test and the interactivity (function points) of the applications.

Do not hesitate to ask us for a quote when you are looking for a penetration test provider in Germany, UK, Belgium or the Netherlands; we guarantee to match any quality level and quote you will receive from another provider!

Please click here to contact us!

 

  • Suitable for which situation
  • Suitable for which application types
  • OWASP ASVS level
  • What is included in the penetration test
  • What can you expect?
  • Test techniques / methodology
  • Reporting
  • Black/grey/white box
  • Manual testing by a security expert

Basic
Penetration Test

2.749starting from
    • Full penetration test
    • Audits
    • PCI DSS
    • Certification purposes

  • Web applications and/or networks that contain sensitive information

    Web applications for which clients or prospects demand pentest evidence

  • 2

  • Will check for most currently known software vulnerabilities.

    Most applicable for IT systems that contain sensitive information such as web portals with user data.

  • Personal contact, on customer premesis if required. You will receive a test plan before testing starts.

    Scope and approach of the test are defined in cooperation with your organization.

    Reporting format can be adjusted to your needs

    • Portscan / network scan
    • Automatic web application scan
    • Full manual OWASP top 10 / WSTG testing
    • Attack narratives based on threat modelling
    • Technical report (based on applicable guidelines such as PCI DSS / OWASP)

  • Grey box. White box elements can be added on request, for example code reviews or use of a local agent/sensor (IAST)

  • Yes, extensive manual testing based on a custom test plan

Penetration Test
Azure/AWS/GCP

2.749starting from
    • Full penetration test
    • Audits
    • PCI DSS
    • Certification purposes

  • Web applications or IT landscapes hosted on Azure, AWS or GCP

  • 2

  • Includes all tests of the basic penetration test

    Augmented with interactive cloud security assessment for Azure/AWS/GCP

  • Personal contact, on customer premesis if required. You will receive a test plan before testing starts.

    Scope and approach of the test are defined in cooperation with your organization.

    Interactive cloud security assessment together with your key resources

    Reporting format can be adjusted to your needs

    • Portscan / network scan
    • Automatic web application scans
    • Full manual OWASP top 10 / WSTG testing
    • Attack narratives based on threat modelling
    • Cloud security audit in interview form
    • Technical report (based on applicable guidelines such as PCI DSS / OWASP)

  • Grey box. White box elements can be added on request, for example code reviews or use of a local agent/sensor (IAST)

  • Yes, extensive manual testing based on a custom test plan

Advanced
Penetration Test

3.849starting from
    • Full penetration test
    • Audits
    • PCI DSS
    • Certification purposes

  • Highly critical systems such as government, DoD, healthcare, financial services, infrastructure, utilities or transport

  • 2 to 3

  • Applicable to highly critical systems.

    As a part of this plan, checks of secure design, threat modeling and administrative organization can also be included.

  • Extensive tests, where possible and required on customer premesis. Where required, interviews will be conducted to collect required information for defining attack narratives.

    • Portscan / network scan
    • Automatic web application scan
    • Full OWASP coverage
    • Attack narratives based on threat modelling
    • Audit/assessment: documentation reviews and interviews
    • Technical report (based on applicable guidelines such as PCI DSS / OWASP)

  • Grey box. White box elements can be added on request, for example code reviews or use of a local agent/sensor (IAST)

  • Yes, extensive manual testing based on a custom test plan

 

nSEC/Resilience performs over 200 penetration tests each year and has extensive experience across all industries and technology stacks. We include relevant references in our proposals.

nSEC/Resilience is CCV certified and is audited annually on proper security, quality processes and staff selection.

Our reports are delivered in English by default (other languages on request). Should there be specific requirements for report contents or formatting, we can often accommodate without additional cost. All our penetration tests include a retest and delivery of an updated report without additional cost.