1. Programme scoping
applications, cadence, and reporting format agreed upfront
Recurring visibility into how your web application risk is changing, not a one-off snapshot.
We reassess your web applications on a regular schedule, for example quarterly, and show what improved, what is new, and what still needs attention. Each cycle produces an updated report your management team can review.
Deliverables
Every engagement ends with concrete artifacts your team can use. Not slides. Browse sample outputs below.
Quarter-over-quarter score movement with new, resolved, and open finding counts.
Periodic trend dashboard
app.example.com · FY 2025 · Q4 close
Overall rating
7.8
3
New
8
Resolved
5
Open
Open by severity
Score trend · FY 2025
Quarterly activity
| Period | Score | Δ | New | Resolved | Open |
|---|---|---|---|---|---|
| Q1 | D5.8 | — | 4 | 2 | 14 |
| Q2 | C6.4 | +0.6 | 3 | 5 | 12 |
| Q3 | B7.1 | +0.7 | 2 | 6 | 8 |
| Q4 | B7.8 | +0.7 | 3 | 8 | 5 |
Domain grades by quarter
| Domain | Q1 | Q2 | Q3 | Q4 | Δ Q4 |
|---|---|---|---|---|---|
| Transport & TLS | A | A | A | A | — |
| Security headers | D | C | B | B | +2 |
| Authentication | D | D | C | C | +1 |
| API security | C | C | B | B | +1 |
| Information disclosure | D | C | C | B | +2 |
Practical
Who it's for, how we work together, and where we draw the line.
applications, cadence, and reporting format agreed upfront
Engagement package
Fixed outputs and scope, agreed before we start. No surprises afterward.
Periodic External Web Application Rating Report per cycle (PDF)
Detailed examples are shown in the deliverables section above.
Starting from €500 excl. VAT per reportPricing guidance