Three levels, one methodology.

Start by seeing your exposure without touching anything, catch the obvious with a hand-triaged scan, or move to a real manual pentest when the risk justifies it.

Level 1 · Free

External Exposure Report

48 business hours
FreeNo commitment, no card

A passive, non-intrusive review of your site's visible security configuration.

  • SSL/TLS certificate and configuration
  • HTTP security headers
  • CSP policy and SRI integrity
  • JavaScript libraries with known vulnerabilities
Request free report

Your first look, risk-free

Level 2 · Automated

Vulnerability Scan

1–2 business days
From €390 + VATFixed price once scope is defined

A professional scanner on your web or API, with every finding manually reviewed and triaged.

  • Professional vulnerability scanner (OWASP Top 10)
  • Manual triage: we discard noise and false positives
  • Report prioritized by severity
  • Short results meeting
Request scan

Ideal as a periodic checkup

Level 3 · Real pentest

Full Manual Pentest

1–2 weeks depending on scope
From €1,490 + VATFixed price once scope is defined

A real manual pentest: exploitation, business logic, escalation and chaining of vulnerabilities.

  • Real exploitation and proof of concept for every finding
  • Business-logic and access-control flaws
  • Technical report + executive summary + remediation
  • Results meeting + re-verification report
Request pentest

Recommended before production or audits

The three levels, side by side.

Fixed price always, before we start

Free report48h · free
What it analyzes
Security configuration visible from outside
Method
Passive, non-intrusive
False positives
Possible (not verified)
Deliverable
Short report by email
Meeting
Vulnerability scan1–2 days · from €390 + vat
What it analyzes
Common vulnerabilities in web and API
Method
Automated scanner + manual review
False positives
Filtered by hand
Deliverable
Report prioritized by severity
Meeting
Short, results
Full pentest1–2 weeks · from €1,490 + vat
What it analyzes
Everything above + business logic and access control
Method
Manual pentest with real exploitation
False positives
Zero: every finding proven with PoC
Deliverable
Technical report + executive summary
Meeting
Results + follow-up verification

Not sure which level fits?

Tell us what you have and what worries you. We'll tell you, with no commitment, which level really suits you — or if you don't need one.