Pentest + Incident Response
A real adversary perspective. A real human on the pager.
Two adjacent surfaces: a scoped external pentest with a buyer-readable report, and an IR posture you can lean on the day a security event lands. Either alone, or both together.
Tiers
Three engagement shapes
Scope by surface (web app, network, cloud config). IR comes in two shapes: surge (you call us when it happens) or retainer (we’re reserved with a 2-hour SLA).
Pentest engagement
$18,000–$25,000 fixed
Time-boxed external pentest. Buyer-readable report. Re-test included.
- Scope: web app, network, or cloud config review
- 2-week active testing window
- Buyer-readable report (CVSS + remediation guidance)
- Re-test of fixed findings included (within 60 days)
- C3PAO-aligned reporting format
Incident Response — surge
$500/hr
You call us when something happens. 8-hour minimum.
- Hourly billing, transparent rate
- 8-hour minimum engagement
- Active triage + containment guidance
- Post-incident write-up handed to you
- No retainer commitment
Incident Response — retainer
For mature teams
$20,000/yr
Reserved capacity. 2-hour response SLA. Pre-paid hours.
- Annual contract, pre-paid hours
- 2-hour response SLA on declared incidents
- Quarterly tabletop drill included
- Direct line to the engineering operator
- Hours roll over within the contract year
Different problems, same operator.
Pentest is for procurement evidence. IR is for the day something breaks. The Exposure Call sorts which one (or both) actually fits — we’re honest about whether it’s a now-problem or a Q3-problem.