One of the most important principles in this business is having honesty and transparency with our clients; so explaining the cost of a Pentest should help. Now let’s raise the curtain a bit, and discuss it.
Now to recap, Pentesting (as discussed in our previous blog post) is an authorized “attack” on an info-system, in order to better understand and discover the weak points the info-system has. This would allow the business or company to better protect their system from true attacks. Of course many companies are interested in Pentesting for that reason, and with that there are many questions. One of the most common questions asked is just how much the Pentest will cost and why?
Well to begin with, Penetration testing companies should base their estimate on the time it takes the engineer to do the work required, That would be fairest way to price out the work for the customer. Also, the final price depends a lot on the scope of your website or app. The scope would include things like the functionality of the website itself, the number of versions, roles, and quantity of the screens or forms. For example, if you needed to Pentest an application on one platform, let’s say it’s Android, and it has 1 role (most likely an administrator) and 3 forms (the order form, customer support form, and the payment form), then this would be quoted as one price. In comparison, if you were to do a Penetration test on Android and iOS, which would have 3 roles and 7 forms, then the price would be double or even triple the cost of the last example!
So when considering to get a Pentest done, assess your budget against the size of your info-system!
So how much does the Pentest service cost?
Again, it depends on the size of the job, plus the company’s own rates, since there really isn’t an average price for this kind of work. Some companies may put a price of $8,000, whilst others $15,000 or more. There are even companies that due to their big name clients (Google, IBM, and Tesla for example) and having worked for over 20 years, have priced their work above even $50,000! Even when you search online for an average price, you won’t find anything sensible. They would state the same things. The parameters being:
- It depends on the application or site
- How impactful and popular the company is
- How much does the company owner values the service
If you ask us, we also look at all of these parameters and bill based on all of the above. Our business understands that this service is not cheap, so we try to make the prices as flexible and comfortable as possible for our customers.
If you need a Pentest quote, feel free to contact us, and we will be happy to work with you!