uncover vulnerabilities,
improve your security

Penetration testing, or pen testing as it is sometimes called, is an in-depth investigation into the security of a network, application, infrastructure or connected device.

Our penetration test services are delivered by experienced security consultants and are designed to uncover vulnerabilities within the set target, to manually verify whether these could be exploited by a malicious threat and provide clients with the comprehensive remediation advice they need to improve their security situation.

Our penetration testing services

Penetration testing comes in several forms and our service will be tailored to your business, as well as your security priorities. Our penetration test services include: 


Protect your external & internal networks from malicious threats.
Click here >

Cloud service

Our cloud assessments are designed to evaluate the security of your services.
Click here >

Web application

Protect applications such as websites, third-party software and e-commerce platforms.
Click here >

Embedded device/
IoT testing

The security of your connected devices is vital, especially when sensitive data is being processed.
Click here >

Mobile application

Mobile applications are an ideal target for threat actors. Make sure yours are secure.
Click here >

Industrial control system testing

Industrial control systems are vital to many organisations. We can help you ensure yours is secure.
Click here >

Wireless network

Wi-Fi networks can provide attackers with an initial foothold from which to attack your organisation.
Click here >

Agile development testing

Our agile development testing has been designed specifically to fit your development needs.
Click here >

Not sure what type of penetration test you need, or need a combination of services? Our team will be happy to discuss your individual requirements and provide a no obligation proposal based on your needs.

Our approach to penetration testing

Every penetration test goes through a rigorous process to ensure you get the best possible results. Below we outline the key stages our tests go through:

1. Scoping

We will work with you to ensure goals are defined, communication requirements set, and everything is in place before we start the test.

2. Proposal & prerequisites

A bespoke proposal of work will be drawn up based on your requirements, our experience and our consultant’s expertise. This proposal will outline our recommended test approach and provide details of the number of days we feel are needed to investigate the target thoroughly.

We will work with you to ensure this proposal meets your exact requirements and once authorised; we will outline any necessary prerequisites that are needed to ensure testing starts on time.

3. Testing

Testing will commence on the agreed date and our consultants will communicate with you throughout the test, to your set requirements.

All our testing is conducted manually and our consultants will look to identify as many issues as possible in the time allotted, verifying whether these could be exploited.

4. Reporting

A comprehensive, quality assured report of our findings will be delivered within 5 days of the test finishing. Our reports can be tailored to your needs, providing both a technical and managerial overview of findings, as well as our detailed remediation advice.

5. Post-test support

Our job doesn’t finish on the delivery of the report, your test consultant will be available after the test to explain any aspect of the report, as well as provide remediation support to internal teams and/or external suppliers.

6. Retest

You have the option to retest, ensuring reported vulnerabilities have been addressed.

7. Evidence of testing

Many of our clients need to supply evidence of testing for security assurance purposes. We can supply documentation which will provide these assurances to internal and/or external stakeholders.

Why choose us

We act as a trusted adviser, not just a test provider. So, whether it’s your first test or you’ve conducted hundreds, our team are dedicated to making the process as seamless as possible, to pass on their wealth of expertise and to provide you with the information security support you need.

Penetration test experts since 2001

Dedicated account management

Comprehensive, quality assured reporting

Unrivalled post-test support

Optional retest of issues

Penetration testing FAQs

Got a question regarding penetration testing? You might find the answer here. 

Both vulnerability scans and penetration tests are important in the overall protection of your network. Neither assessment replaces nor cancels out the other, however, there are some fundamental differences

Vulnerability Scanning is traditionally a regular or scheduled assessment that delivers important information on vulnerabilities found and how to fix them. A thorough scan, whether it be done manually or automated, is very much dependent on how it has been set up and configured. It is worth noting that vulnerability scans do have their limitations; they only detect known vulnerabilitiescan often miss vital red flags and there are issues around false positives. 

A penetration test is more in depth. Based on a manual approach, a penetration test mimics a ‘real life’ malicious attack on the system or network within the testing scope. Organisations that have an established information security posture tend to engage with companies like Pentest on a regular basis, providing them with a high level of security assurance, protecting them from loss of data and consequently reputational damage. 

Every test is scoped individually, utilising the knowledge and experience of our dedicated security consultants, along with other factors, such as the complexity of the application and your business need. This means there is no ‘average’ penetration test duration and our dedicated account managers are best placed to advise you based on your individual requirements.

Having access to source code is not a prerequisite to perform a test, however, it can provide valuable information regarding the application and can be useful in terms of confirming the issues identified. 


For example, source code would be helpful if a consultant identified a form that they suspect to be vulnerable to injection attack. Using the code, the consultant could identify what validations are in place and find attack payloads that would bypass these protections.

Each hosting vendor will have different requirements regarding permission to perform testing of applications hosted on their infrastructure. Some providers have an online form where you can request test authorisation, others may not require authorisation but ask that you notify them beforehand.

We recommend in all cases that you should check with the specific requirement as per your contractual obligations. A first point of call for this may be the hosting partners web site or your assigned account manager.

Information on AWS and Azure can be found on their relevant websites.

In many cases the vendor will provide testing guidelines, listing what test approaches can, and cannot, be performed by an external tester. We recommend you provide this information to us before any test is performed. Pentest will always follow the testing requirements and limitations as specified by the relevant vendors.

Our consultants are experienced in performing penetration testing and follow a proven methodology that has been developed over many years. As we are testing applications that we have not developed, hosted on infrastructure that we have not configured, we cannot guarantee that no damage or loss of availability will be sustained by the client. 

Every effort will be made to avoid this situation and we will work with you throughout the scoping process to identify associated risks, outline the tests that can be performed, understand what is out of scope and determine whether the test is best performed on a ‘test’ site rather than ‘production’ site. 

Our consultants will communicate with you throughout the test process, highlighting any potentially risky actions beforehand and will immediately halt testing if a client flags a situation whereby our testing, or proposed next actions, could be prejudicial to the production system or application. 

We have performed tests on both UAT/test environments as well as production/live environments. In many cases, this choice will be driven by your requirements, the environments available and the risk assessment for each test. It is not unusual for consultants to perform an initial test on a UAT environment and then check to see if vulnerabilities are present in the live application. 


The scoping process will be used to agree the most relevant approach for you and we strongly advise that backups are kept, ensuring that any loss is recoverable.

In most cases we will ask that our IP address range be whitelisted during testing. We ask this as we believe it gives our clients the best value test in terms of time, cost and results.


For many clients, the goal of testing is to see how vulnerable an application/network would be to exploits should the external barriers be breached. Whitelisting allows us to do this effectively, preventing Firewall and IDS technologies from skewing results and giving us a ‘clear window’ view.


Although we can perform a ‘black box’ test when required, one where we have no prior knowledge of the internal systems/applications under review, this approach would typically increase the length of the test and would ultimately increase the overall cost.

We provide a detailed report of findings after every engagement. This report classifies the vulnerabilities found into critical, high, medium and low risks (including Common Vulnerability Scoring System (CVSS) v2 and v3 ratings/vulnerabilities). It also provides you a managerial overview, an in-depth technical review of the individual vulnerabilities and our detailed remediation advice. 


Where required, we can also supply additional documentation in order to provide security assurances to internal and/or external stakeholders.

Pentest provides remediation advice, though we do not provide remediation services (this would be considered a conflict of interest if we were to perform a retest in the future). 


Each test report contains sufficient detail to allow clients to not only reproduce the vulnerabilities, but also the detailed steps and references to correctly fix the issues. In addition, we place great emphasis on post-test support and our consultants will be available during remediation efforts to advise and provide support where needed.  

We don’t provide certificates of testing and believe there is a danger in doing so. However, we do understand that you may be approached by existing or prospective clients asking for proof of testing as part of any due diligence or security related requirements. If this is the case, we can provide documentation which provides assurances that the applications and services under review have been tested in accordance with industry standards and by an experienced consultant.

Contact us

Want to find out more about our penetration testing services? Our team are on hand to provide you with the information and support you need. Please fill out the form below and one of our team will be in touch shortly.

Our latest research

Our Labs page is the place to discover our latest research, advisories, tool releases and challenges.

Looking to improve your security? Our insights are a great place to start.