Can you give a fixed price immediately?
Yes, for web app services we publish starting prices for a typical scope. The final price follows scope alignment. It is fixed before work begins.
Pricing guidance
Starting prices for web application security. Scope, deliverables, and detail live on each service page.
Service pages
Want to know what we do and what you get back? Read each service page. Here you only see prices.
External Web Application Rating Report
We test your web application from the outside, like an attacker would see it on the internet, without needing access to your source code or internal systems. You receive a graded report (A-F) with a prioritised list of issues and recommended fixes.
Web Application Penetration Testing
With your written permission, we actively test your web application to find security weaknesses, including login flows, APIs, and how the application handles data. Unlike an external rating report, this is hands-on authorised testing with evidence of what we find.
Periodic Security Reporting
We reassess your web applications on a regular schedule, for example quarterly, and show what improved, what is new, and what still needs attention. Each cycle produces an updated report your management team can review.
Remediation Validation
After your team fixes security issues we previously reported, we retest those specific items and confirm whether each fix worked. You receive a clear status per finding: resolved, partially resolved, or still open, with evidence.
Starting prices
The exact amount depends on your app. We agree it before work begins.
Starting from €1,250
excl. VAT
Starting from €2,500
excl. VAT
Starting from €500
excl. VAT per report
Starting from €450
excl. VAT
All starting prices are excl. VAT. Scope, deliverables, and final price are agreed on the service page before work begins.
FAQ
Yes, for web app services we publish starting prices for a typical scope. The final price follows scope alignment. It is fixed before work begins.
Yes. Starting prices are excl. VAT. VAT is shown on the quote or invoice depending on your situation.
No. An External Web Application Rating Report is an external risk assessment. A Web Application Penetration Test goes deeper and is a separate authorised test.