Why choose Bulletproof as your penetration testing company?

Competitive Prices

Competitive Pen Test Prices

We offer highly affordable penetration testing services to ensure companies of all sizes can protect themselves from cybersecurity threats.

Qualified Security Experts

Certified Security Experts

All our security testers are independently qualified by industry-recognised bodies such as CREST and Tigerscheme.

Comprehensive Reporting

Comprehensive Reporting

You’ll receive a comprehensive report complete with remediation advice and guidance. As well as a full debrief call to run through the findings.

Free Vulnerability Scan

Free Vulnerability Scans

Protect your business all year round with 12 months of free vulnerability scans when you choose Bulletproof as your penetration testing partner.

Paymentsense Logo

We’ve always been very impressed with the cyber security services Bulletproof provide us. Their professional approach, knowledge and flexibility have ensured they have become a key trusted partner in our supply chain.


Nick Fryer

CTO, Paymentsense (Europe's largest merchant service provider)


Choose from our complete range of penetration testing services

Web application penetration testing

  • Uncover vulnerabilities and insecure functionality
  • Identify all security risks, including the OWASP Top 10
  • Multiple test types, including authenticated and API testing
  • Proven track record for exposing security flaws
Web application penetration testing

Network and infrastructure penetration testing

  • Test your network & infrastructure for weaknesses
  • Check services, patch levels and configurations
  • Multiple test types, including external and internal testing
  • Established pedigree for exposing vulnerabilities
Network penetration testing

Mobile application penetration testing

  • Uncover insecure app functionality
  • Exploit discovered weaknesses in your app
  • Secure your software development lifecycle
  • Proven expertise in securing iOS and Android apps
Mobile application penetration testing

Cloud penetration testing

  • Detect weaknesses in your cloud provider’s system
  • Cover any cloud system: Amazon AWS, Google’s GCP, Microsoft Azure
  • Thorough cloud security assessment
  • Recognised talent in identifying threats in cloud environments
Social engineering prevention services

Social engineering prevention services

  • Find out the effectiveness of your social engineering controls
  • Maximise your employees’ security vigilance
  • Get maximum protection with regular tests and training
  • Extensive experience in tailoring campaigns to your security objectives
Social engineering prevention services

Red team security testing

  • Identify risks and exploit weaknesses in your physical and cyber defences
  • A carefully pre-defined scope sets the rules of engagement
  • Multi-layered approach for maximum impact
  • Proven track record in exposing critical security flaws
Red team security testing

Get in touch for a free quote today

If you’re interested in our penetration testing services, get a free, no obligation quote today by filling out the form below.

By submitting this form, I agree to the Bulletproof privacy policy.

Frequently asked questions

What is penetration testing?

Penetration testing, also known as pen testing or ethical hacking, is where you appoint a security testing company to take on the role of a hacker and attempts cyber attacks to compromise or gain unauthorised access to your network, mobile application and/or cloud environment by any means necessary.

Also known as white hat hacking, a qualified professional, a pen tester, will make use of penetration testing automated tools and manual processes to uncover any vulnerabilities and misconfigurations that present a cyber-security risk.

As a technical exercise, it involves an internal & external analysis of your IT infrastructures and applications as well as testing human elements (social engineering) therefore penetration tests should be considered a fundamental component of your risk management programme.

The aim of penetration testing is twofold:

  • Identify and exploit shortcomings in the confidentiality, integrity and availability of information.
  • Should provide remediation advice and offer guidance on how to reduce the impact of the identified shortcomings being exploited.

What are the benefits of a penetration test & why is penetration testing so important?

It’s recommended that businesses perform penetration tests at least annually or whenever a significant change is made to the environment.

Certain compliance packages, such as PCI DSS certification, make regular penetration tests mandatory. Put simply, if you want good security, you need a comprehensive penetration test.

Stay a step ahead of the hackers

Testing your current security posture provides a clear indication on where you stand against an ever-changing threat landscape. It’s how you can efficiently identify and address vulnerabilities before an attacker does.

Take control of your infrastructure

As technology evolves and your business grows, technical infrastructures become increasingly complex. It’s not uncommon for things to slip out of your control, or you might not have the relevant expertise to ensure that your controls are implemented the right way. Each test reveals the flow of your environment and any interdependencies that have a direct or indirect impact to security. Don’t forget that you’re only as secure as your weakest link.

Prove your security

You might think you have a very secure infrastructure in place, with all the processes, procedures and staff training to back it up. But how do you know? A penetration test is an ideal way to test your security implementations, giving you real-world proof that your security controls are up to standard and working as expected. This can be as much for the benefit of your customers’ and suppliers’ peace of mind as your own.

Solid risk management

Each penetration test addresses your business risks and the impact to confidentiality, integrity and availability of your data. This provides a good indication to management and the technical teams on how to best prioritise, plan, budget and remediate the risks in a structured manner.

Because you have to there are increasing numbers of legal and regulatory requirements, industry standards, and best practices that all say you should or must have regular penetration tests. These include PCI DSS, ISO 27001, FCA, HMG and CoCo among numerous others. Though compliance does not guarantee security, these standards provide good directions on what is needed to ensure your infrastructure is in a good overall state of security.

Protect your business

It goes without saying that security breaches are bad news, with potentially enormous impacts on your brand’s reputation and the financial repercussions. Penetration tests drastically reduce the risk of a breach, protecting the time and money invested in your organisation as well as the confidence of existing and potential customers.

What are the different types of penetration test?

There are several types of penetration testing that can be defined as either black, white or grey box testing. It’s also worth specifying there is a difference between an application test and an infrastructure test. An application test, as the name suggests, is where a tester looks for flaws within an application to see if there’s any way to get at data or manipulate functionality in a way that wasn’t intended. This can involve cookie theft, XSS, man-in-the-middle attacks etc. Infrastructure tests on the other hand are where the tester attempts to gain entrance to a corporate network.

Black box testing

Black box testing is the closest simulation of real-world hacking in that the tester will know very little, if anything about the target other than what is publicly available. These are often the least time-consuming tests as it relies solely on the tester discovering vulnerabilities in outwardly facing components. However, whilst these tests accurately represent real life situations, they will not pick up any vulnerabilities or misconfigurations that may be present internally. Therefore, they cannot predict what damage an internal threat may cause.

White box testing

White box testing offers the most thorough security test in which the tester has a full understanding of the application or infrastructure, how it works and has access from various levels. It’s likely that they’ll even have access to the source code or have a full detailed map of the internal infrastructure. The tester will probe for vulnerabilities and misconfigurations to try and gain access from an external position, as well as look to see what damage can be done from an internal perspective.

Grey box testing

Grey box testing is a blend of black and white box testing and is often the most popular type of test. The tester will have a limited knowledge of the target, potentially including some documentation. They will often have basic user level access, allowing for partial testing of the target’s internals.

Network penetration test

A network penetration test, also known as Infrastructure penetration test, is where a cyber professional attempt to breach an organisation’s infrastructure. The tester will check for misconfigurations, outdated software, logical flaws and even look for a means to escalate privileges if they manage to gain access. They will tend to focus on:

  • Firewall configurations
  • Segmentation
  • Privilege escalation
  • Incorrectly stored data
  • Default credentials

Application testing

Application penetration tests can be quite involved. They are designed to uncover any vulnerabilities or weaknesses present in a web app or mobile application that could compromise the security or induce functionality not intended by the designers. The difficulty of these tests will depend on what scripts are being employed or how the application is built. Generally, testers will be looking for outdated software, cross-site scripting (XSS) vulnerabilities and weak cryptography, or they will try and tamper with cookies and functionality.

External network penetration test

External-based penetration testing simulates the ability of an attacker to gain access from external resources to the internal network or to retrieve sensitive data from public-facing resources, such as web applications or email servers.

Internal network penetration test

Internal-based penetration testing simulates an attack that has already bypassed the security perimeter. This addresses what an attacker (or an insider) can see and what they can do internally, such as moving from one network to another, intercepting internal communications, and so on.

Social engineering penetration test

Social engineering covers the human element of security, where testers will try to access sensitive information by manipulating human psychology. This usually involves a lot of techniques, such as targeting employees over the internet with phishing emails, phone calls, as well as exploiting pitfalls in operational procedures and trying to compromise physical security.

Cloud penetration testing

Cloud penetration testing examine your organisation’s external security posture. By auditing your AWS, GCP or Azure hosted systems, pen testers can effectively assess your cloud configuration & identify exploitable flaws.

Red team penetration test

A red team penetration test is where security experts compromise a company’s cyber and physical security through a mix of penetration testing, social engineering and deceit. A red team aims to get hold of data remotely or through direct contact with an organisation's on-premises machines. Preferably, not getting caught in the process. Once done, the team can report back to the company with what they did, how they did it (with evidence), and most importantly, how the business can stop it from happening again.

What’s the difference between penetration testing and vulnerability assessments?

The two services, whilst very different, are equally as important where cyber security is concerned. Regular vulnerability tests can be run quickly against new builds or networks on a regular (monthly) basis to allow you to patch any vulnerabilities that come to light. Leaving a single vulnerability unchecked on a single device could theoretically compromise your entire infrastructure. Whereas an annual penetration test can offer you a detailed report of your entire security posture, including your susceptibility to social engineering.

Comparing vulnerability assessments and penetration tests
Penetration TestVulnerability Assessment
FrequencyRecommended every six months.Recommended once a month.
ReportsConcise but detailed report of methods used, flaws found and exploited, and remediation steps to be taken.Often lengthy report listing the CVEs of the vulnerabilities found across all devices and systems.
ScopeTo be agreed upon with your pen test provider. Can focus on internal and external infrastructure, user accounts, default admin accounts (servers), staff (social engineering), switches etc.This should be anything with an IP address. Anything that connects to the business network should be in scope.
Performed by /
Tools Involved
Specialised cyber security companies offering pen tests from experienced testers. Makes use of automated tools, expert knowledge, and a variety of manual processes.Internal IT departments or outsourced companies. Automated Vulnerability scan tools.
ValueIdentifies and reports any weaknesses found across the business, helping to reduce the likelihood of these being exploited by real-world hackers.Identifies known vulnerabilities and detects equipment that can be compromised.

Just because you have had a vulnerability scan, it doesn’t mean you don’t need a penetration test. Likewise, if you’ve recently had a penetration test, it doesn’t mean you won’t benefit from a vulnerability assessment in the near future.

Click here for more information

What are the stages of a penetration test?

Bulletproof follows ethical hacking 7 stages are:

1. Scope definition & pre-engagement interactions

This is where all requirements are gathered and goals are set. It’s where types of tests, forms, timelines and limitations are codified and agreed. This is essential for smooth and well-controlled exercise.

2. Intelligence gathering & threat modelling

Intelligence gathering is an information reconnaissance approach that aims to gather as much information as possible. This information is used as attack vectors when trying to penetrate the targets during the vulnerability assessment and exploitation phases.

3. Vulnerability analysis

This phase aims to discover flaws in networks, systems and/or applications, using active and passive mechanisms, which can include host and service misconfiguration, current patching levels, or insecure application design.

4. Exploitation

With the help of the vulnerability analysis from the previous step, all external and internal-facing systems that are in scope are attacked. This involves a combination of available and custom-made exploits and techniques in order to tamper with improper configurations, bypass security controls, access sensitive information and in general to establish access to the targets in question.

5. Post-exploitation

The purpose of this phase is to determine the value of the compromised targets by trying to elevate privileges and pivot to other systems and networks that are defined within the scope. Importantly, the compromised systems will be cleaned of any scripts and further attacks that have been launched to make sure the systems are not subjected to unnecessary risks as a consequence of the tester’s actions.

6. Reporting

All information mentioned in the above steps must be documented.

A good penetration testing company should provide you with a thorough yet easy-to-read pen testing report, including:

  • All risks based on the current server/application setup/configuration
  • Vulnerabilities and running services for the servers and applications
  • What has been done to exploit each security issue
  • Remediation steps
  • Near-term and long-term actions It should be noted that vulnerabilities that cannot be exploited must also be included in the final report

We strongly recommend you ask the penetration test company for a sample report in advance – this way you’ll know what you can expect to receive. If a report is full of jargon and difficult to decipher, its use to you is limited.

7. Debrief session

This step isn’t a strict requirement but is good practice. Upon the completion and delivery of a penetration test, a de-brief session can explain the findings and risks listed in the report, as well as giving you the opportunity to ask any questions.

How much does a pen test cost?

The cost of a penetration test can vary considerably with many factors to consider. The size of the environment being tested, its complexity and the overall project scope will be the main variables.

As a general rule (at Bulletproof) the prices for pen testing can be broken down as thus:

Penetration testing prices
Test TypeDescriptionGuide price
Small pen testTests of small web app and associated cloud infrastructure. Black box, unauthenticated test designed to mimic a real-world attack with no details of environment disclosed upfront.£1,000–£3,000
Medium pen testApplication test of a medium web-based management portal and associated cloud infrastructure. Can be authenticated or unauthenticated. Usually, grey box.£3,000–£5,000
Large pen testA larger test of external applications, systems infrastructure and social engineering. A comprehensive security review with limited information disclosed up front.£5,000–£20,000

Of course, these prices and features depend entirely on your requirements and serve as just a rough guide as to what you might expect to pay.

What can I expect in my penetration test report?

Upon the completion of the penetration testing main stages, the lead penetration tester will present the pen test results in a clear, comprehensive report.

This report will be split into two sections: an executive summary and a technical breakdown, typically delivered within five working days after the completion of the penetration test.

1. Pen Test Executive Summary

  • High-level, non-technical discussion of the overall risk assessment and findings
  • Confirmation of the pen testing plan and methodology
  • An overview of the security risks & business impact of the discovered threats

2. Technical Penetration Testing Report

  • Description of steps taken during the penetration testing assessment
  • Detailed report & description and evidence of vulnerabilities identified, including their Common
  • Vulnerability Scoring System (CVSS) and priority for remediation
  • Evidence and proof-of-concept information for target exploitation
  • Detailed steps on how to remediate any vulnerabilities and a guide on how to prevent future cyber treats
  • Additional details, such as penetration testing tools used during the assessment, experts involved, checklists etc.

Our experts are the ones to trust when it comes to your cyber security

  • Bulletproof are CREST approved

    CREST approved

  • Bulletproof are ISO 27001 and 9001 certified

    ISO 27001 and 9001 certified

  • Bulletproof are Tigerscheme qualified testers

    Tigerscheme qualified testers

  • Bulletproof are a PCI DSS v3.2 Level 1 service provider

    PCI DSS v3.2 Level 1
    service provider

  • Bulletproof have 24/7 on-site Security Operations Centre

    24/7 on-site Security
    Operations Centre