Web Application Vulnerability Scanning is one of our most simplistic services. It offers valuable testing for common vulnerabilities and identifies weaknesses in your web app.

Basic Service

The basic service will run one or more industry standard vulnerability scanners against your web app and deliver the raw report to you for review. Your development team would then review the findings, determine which are potentially false positives, and remediate the remaining issues.

You can review a sample report here: SampleWebAppVulnerabilityScanReport.pdf

Standard Service

The standard service includes everything in the basic service, and, in addition, each finding is verified and a custom Findings and Recommendations Report is created.

View our Sample Findings and Recommendations Report to see the level of detail PEN Consultants provides in our report.

Sample Pricing
  • Micro: Apps with less than 12 pages or major functions and 2 user roles (or less)
    • Basic: $4,000
    • Standard: $6,000
  • Small: Apps with less than 25 pages or major functions and 2 user roles (or less)
    • Basic: $5,250
    • Standard: $8,000
  • Medium: Apps with less than 50 pages or major functions and 3-4 user roles
    • Basic: $7,000
    • Standard: $11,250
  • Large: Apps with less than 100 pages or major functions and 4-5 user roles
    • Basic: $9,500
    • Standard: $16,000
  • xLarge: Apps with more than 100 pages or major functions and 6+ user roles
    • Varies
Add-On Services

In order to keep our testing prices low, we’ve removed certain services that not every client requests.  You only pay for the following services you need:

  • post-testing briefings – executive level and/or technical level
    • Micro: $400 each, Small: $550 each, Medium: $675 each, Large: $825 each, xLarge: varies
  • remediation testing
    • Micro: $700, Small: $825, Medium: $975, Large: $1,100, xLarge: varies
  • assist technical support staff with mitigations
    • $1,100 per 5-hr block of consultant time
  • assist SOC staff in building detections
    • $1,100 per 5-hr block of consultant time
  • on-site supplemental testing and/or visits:
    • mileage fee of $3 per mile from 78006
    • plus, $300-450 per day for most visits


DISCLAIMER: Sample pricing listed is not actual pricing.  These dollar amounts are estimates based on the number of hours required for engagements of similar size and assumes white box testing and at least a 90-day lead time..  They are provided to give you a ballpark idea of the cost for the service.  The total cost will be based on the estimated number of hours to perform the requested service and our hourly rate.  Black box testing, specific complexities, and other non-standard situations will increase costs.  Additionally, sample pricing does not include travel or other non-standard expenses (specialized equipment, materials, etc.). Final pricing is determined during the no-obligation scoping phase (before testing starts).

DISCLAIMER: Other than Wireless Testing, all testing is remote-only unless otherwise noted.  Sample prices and prices quoted are for remote-only and do not include travel.  See the On-site Supplemental Testing add-on for more information.


Schedule a no obligation consultation with PEN Consultants today! Information & Cybersecurity Testing - Penetration Testing, Red Teaming, Vulnerability Scanning and Assessment services for Apps, Web Apps, Network, Wireless, and more!