Service Pricing
Get a pricing estimate.
Type of Vulnerability Assessment
Use automated tools and manual verification to analyze your environment for vulnerabilities
Detect vulnerabilities in the operating system and commonly used software in servers, workstations or network devices.
Detect vulnerabilities at the web application layer, usually for custom-developed web apps.
Number of IP Addresses
Pricing is based on the number of IP addresses to be assessed.
Number of Websites
Pricing is based on the number of websites (domain names e.g. www.mycompany.com) to be assessed.
Type of Penetration Testing
Simulate the tools and techniques of an attacker
Detect vulnerabilities in the operating system and commonly used software in servers, workstations and network devices.
To detect vulnerabilities at the application layer for custom-developed web applications.
To detect vulnerabilities at the application layer for custom-developed mobile apps.
Detect vulnerabilities in the wireless network implementation within your organization’s premises.
Number of IP Addresses
Pricing is based on the number of IP addresses to be assessed.
Do you want a black-box or grey-box test?
Black-box testing simulates an unauthorized attacker with no user credentials i.e. testing without logging into the system. With this approach, system functions requiring authenticated access will not be tested.
Grey-box testing simulates an authorized but malicious attacker with user credentials i.e. testing by logging into the system. With this approach, system functions requiring authenticated access will be tested.
Do you want to test the login page only?
For web applications where access to all functionalities are protected by user login
Does your app involve any financial transactions?
Examples include ecommerce, donations, etc
Does your app provide enterprise functionalities?
Examples include Human Resource Management (HRM), Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), etc
Do you want to test both an iOS and Android version?
Number of SSIDs
Pricing is based on the number of SSIDs per location to be assessed.
Number and Type of Devices
Pricing is based on the number and type of devices to be assessed.
Lines of Code
Pricing is based on the number of lines of code to be assessed.
Final cost
The final estimated price is :
Contact us for a more accurate quote and find out how you can get an additional 20% discount.
* We only respond to corporate email addresses.
Summary
Description | Information | Quantity | Price |
---|---|---|---|
Discount : | |||
Total : |
Value Packages
Get more value with our external testing packages at 25% discount.
Basic
- 2 x network penetration tests – 3 IP addresses
- 1 x web app penetration test (black-box) – 1 URL
Standard
- 2 x network penetration tests – 5 IP addresses
- 1 x web app penetration test (black-box) – 2 URLs
Premium
- 2 x network penetration tests – 10 IP addresses
- 1 x web app penetration test (black-box) – 3 URLs
Contact us to find out how you can get an additional 25% discount.
Frequently Asked Questions
What is black-box testing?
Black-box testing simulates an unauthorized attacker with no user credentials i.e. testing without logging into the system. With this approach, system functions requiring authenticated access will not be tested.
What is external testing?
External testing simulates a malicious outsider attack and is conducted from the public internet without modification of customer’s perimeter defence.
What is included in network penetration testing?
Network penetration testing is focused on the services running on the network and is primarily concerned with vulnerabilities at the operating system layer and common software (e.g. NIST CPE) of the target hosts and devices.
What is included in application penetration testing?
Application penetration testing is focused on the functionalities of the application (including web API servers for mobile apps) and is primarily concerned with application layer vulnerabilities, especially the OWASP Top Ten Web Application Security Risks and OWASP Mobile Top 10.
What methodologies do you use?
We adopt the following guidelines for our penetration testing methodology:
- Penetration Testing Execution Standard
- OWASP Web Security Testing Guide
- OWASP Mobile Security Testing Guide
Specific testing procedures are executed based on the nature of the testing and environment.
What tools do you use?
We use both commercial and open source tools including Tenable Nessus Pro, Burp Suite Pro, Kali Linux, Metasploit, etc.
Yes, we are CREST accredited
Our core team is based in Singapore and consists of CREST certified penetration testers who are also Offensive Security Certified Professional (OSCP) certified. The team has delivered numerous penetration testing projects for customers in Singapore and other locations, from large multinational enterprises to small and medium business, and across various industries.
How can we help?
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.