Offer & pricing
Contact
lukasz.pilorz@runic.pl
OFFER

Penetration testing - runic.pl

We specialize in cooperation with companies which have their own software development teams

How does the cooperation look like?

contact us

01

Choose a package

choose a ready-made penetration testing package in the time-boxed formula or discuss the details of the order for classic penetration tests with us

02

Sign the NDA

sign an appropriate contract containing a confidentiality clause - we will prepare its content for you

03

Provide data

sign the order form, prepare the testing environment, mobile applications, test users, etc.

04

Wait for the report

the result of penetration tests is a detailed technical report

Time-boxed
penetration testing

In a time-boxed approach, a penetration test is scheduled for a specific, usually short duration, during which testers are tasked with finding as many vulnerabilities as possible, focusing on those that are most critical from the application's security standpoint.

Classic
penetration testing

Priced based on the scope of testing agreed upon with you.

Sample packages
Completion time
Tester’s experience
Priorities (vulnerability areas we analyze first)
Report
Retests
What do you need to prepare to achieve the best results?
Penetration tests
of a web application
or API

Manual and automated tests + technical report

MINI: 30 hours – 11,000 PLN + VAT
OPTIMAL: 45 hours – 15,000 PLN + VAT
COMPREHENSIVE:
80 hours – 24,000 PLN + VAT

 

MINI: 3 weeks
OPTIMAL: 3 weeks
COMPREHENSIVE: 5 weeks

Contact us to confirm availability.

OSCP, OPST or GWAPT certificate

OWASP Top 10

Key application mechanisms: authentication, access control, input processing, web server configuration

Technical report in English or Polish


Optional: a document confirming the completion of the tests

Up to 30% of the package price
or
300 PLN + VAT per hour

A test or production environment accessible from the Internet, entry point addresses of the application, several test user accounts, test data similar to that used in functional testing, and example requests for each API method (e.g., OpenAPI, Postman)

Penetration tests
of mobile applications
(iOS + Android)

Manual and automated tests + technical report

MINI: 45 hours – 15,000 PLN + VAT
OPTIMAL: 60 hours – 20,000 PLN + VAT
COMPREHENSIVE:
80 hours – 24,000 PLN + VAT

MINI: 3 weeks
OPTIMAL: 4 weeks
COMPREHENSIVE: 5 weeks

Contact us to confirm availability.

OSCP or eMAPT certificate

OWASP Top 10, OWASP Mobile Top 10

Key application mechanisms: communication with the backend API, authentication (including biometrics), access control

Technical report in English or Polish


Optional: a document confirming the completion of the tests

Up to 30% of the package price
or
300 PLN + VAT per hour

A test or production environment accessible from the Internet, IPA and APK files, access to the app via TestFlight or App Store, SSL pinning and jailbreak/root detection disabled, several test user accounts, test data similar to that used in functional testing

Web / API /
Android / iOS

Attractive rates
starting from 300 PLN + VAT per hour

Priority delivery timelines

Tailored selection of competencies

Priorities aligned with your requirements.
Possibility to perform tests based on a required standard, e.g. OWASP ASVS

Technical report in English or Polish


Optional: a document confirming the completion of the tests

Up to 30% of the test price
or
300 PLN + VAT per hour.

Requirements specified during the test scoping of the given application

What to choose?

Are you wondering whether to choose time-boxed penetration testing or classic penetration testing?

Time-boxed
penetration test

Focused on delivering maximum value within a specified time frame:

  • gives you control over the budget and the duration of the test

  • allows to identify the most practical and relevant vulnerabilities without the need for a lengthy, formal process

  • offers valuable results at lower costs compared to traditional penetration tests

Classic
penetration test

Following a more formal approach, ensuring comprehensive coverage:

  • the scope of the test is fully tailored to your application

  • you can choose the standard on which the tests will be based, e.g., OWASP Application Security Verification Standard

  • before we prepare a price offer, we will conduct an initial conversation during which we will discuss your goals, requirements, and review a demo of the application

Contact us to learn more

contact
lukasz.pilorz@runic.pl
Address

runic.pl
NIP PL7122775533
ul. Kościuszki 10/1
05-500 Piaseczno, Poland
C’office space

© 2024 RUNIC.PL. All rights reserved.
Privacy Policy
Studio Brothers - websites