Pricing

If a real attacker spends more time than a pentester, he might find vulnerabilities that the tester did not find before. This is the timebox principle.

That's why (serious) pentests are always charged according to time spent (usually in person-days). One person-day costs € 1.600,-. From 20 person-days we give a 15% discount (€ 1.360,-).

And what does a Pentest really cost now?

We estimate the effort for a pentest in advance in a scoping meeting (for more information, see Before the pentest). Here are a few guidelines on what you can usually expect.

• Web Applications: € 5.000-16.000
• Microsoft Active Directory: € 12.000-20.000
• External Infrastructure: € 8.000-11.000

Discounts

• From 20 person days we give a 15% discount.
• In the Academia area we offer a very attractive daily rate of € 1.200,-.
• We are currently launching a pro bono programme.

Otherwise, we ask for your understanding that we do not grant discounts. Negotiating talent should not be a price-determining factor. In return, you can expect full fairness and transparency from us.

Partner

If we are unable to offer a service, we are happy to recommend competent companies. We are also pleased when we are recommended by others.

We never charge a recommendation fee or any other fee for recommendations. Likewise, we do not pay any fees for referrals. This means that our recommendations are always based on the quality of the recommended company and not on the fee.

If a security company concludes a contract directly with the end customer and engages us as a subcontractor, we charge 85% of the end customer's price, but at least a daily rate of € 1000. Our partner is then responsible for passing on the provisions from our service description to the end customer.