Our Pricing 

Empower teams to take charge of application security with a credit system that simplifies budgeting and lets teams choose when and how to schedule pentests.

Level 1 - Awareness

Initial testing to assess basic security. Suitable for any website/application.

Small (Basic Website): 2 Credits
Medium (Web application): 3 Credits
Large (Enterprise App): 4 Credits

Manual vs Automation (Pentest Process): 50 % / 50 %
OWASP OTG v4 (Pentest Methodology): Partial
OWASP ASVS Level (Pentest Methodology): Level 1
OWASP TOP 10 (Pentest Report): Yes
Pentest Platform (Collaboration & Reporting): Full access
Duration (Testing Time): 2 days

Level 2 - Security

Extensive manual research with customization per asset for full security.

Small (Basic Website): 4 Credits
Medium (Web application): 8 Credits
Large (Enterprise App): 12 Credits

Manual vs Automation (Pentest Process): 70 % / 30 %
OWASP OTG v4 (Pentest Methodology): Full
OWASP ASVS Level (Pentest Methodology): Level 2
OWASP TOP 10 (Pentest Report): Yes
Pentest Platform (Collaboration & Reporting): Full access
Duration (Testing Time): 3-5 days

Level 3 - Advanced

A full pentest suitable for websites/applications with basic security in place.

Small (Basic Website): 8 Credits
Medium (Web application): 16 Credits
Large (Enterprise App): 20 Credits

Manual vs Automation (Pentest Process): 80 % / 20 %
OWASP OTG v4 (Pentest Methodology): Full
OWASP ASVS Level (Pentest Methodology): Level 2
OWASP TOP 10 (Pentest Report): Yes
Pentest Platform (Collaboration & Reporting): Full access
Duration (Testing Time): 5+ days

Credits are 224 EUR Each

Our pentest pricing is based on Size + Scan Level. Credits are flat-rate, can be purchased upfront, and we offer volume discounts.

FAQ 

Still have questions? Hopefully our FAQ can help. If not, contact us at Hero@PentestHero.io with questions. 

What Are Pentest Credits?

PentestHero scraps traditional budget cycles, empowering dev and design teams to conduct their own pentests. Simply budget pentesting for the whole year, buy credits, and deliver them to dev teams. Developers can then plan and launch their own pentest cycles around application changes and updates, without the delays and bottlenecks of finance and budgeting.

What do Credits Cost?

Credits are 224 EUR each. We also offer volume discounts. 

How Many Credits Do I Need?

PentestHero uses a simple pricing scheme. We factor in the complexity and size of your website alongside the security level of a scan to determine how many credits you need. Simple websites start at 1 credit. 

Are Credits Refundable?

No. All credits are final sales. You may qualify for a refund if work is undeliverable or otherwise unsatisfactory, in line with our Terms of Service. Otherwise, all credits are seen as a pentest purchase, and are delivered with volume-based discounts based on pre-sales. If you have more questions, contact us.

Can I Upgrade My Pentest?

What if you want to upgrade from a Level 1 to a Level 2 pentest? Contact us to let us know. We’ll prorate the cost of the current pentest with the cost of the new one – so upgrades are as efficient as possible. 

Is Retesting Included in the Cost?

Yes! PentestHero delivers complimentary retesting with every Pentest package, to ensure your team has everything it needs to remediate vulnerabilities and stay secure. Developers can request retests directly through our platform, for truly collaborative pentesting.

Can I Get a Volume Discount?

Cut costs across large projects with volume credit discounts. Organizations with multiple digital assets or those budgeting for the year can commit to a larger number of pentests at once, allowing us to offer a volume discount, so we fit better into your budget and cybersecurity cycles. 

What Billing Options Do You Accept?

PentestHero uses Stripe billing to offer secure payment processing. We accept most popular payment forms including credit and debit cards, SEPA debit, iDEAL, bank transfer, and more. We also use IBAN bank transfers in supported regions.

Do You Do Code Review?

Yes! In most cases, a full code review will cost 8 credits. This is subject to change based on application size and complexity. 

Do You Offer Pentesting for Compliance?

Yes! PentestHero is able to meet the needs of yearly recurring compliance frameworks like DigiD, ISO, HIPAA, PCI, and more. Adding a compliance framework to your pentest costs from 2 credits per pentest. 
