Transparent pricing. No hidden costs.

Penetration Testing
Pricing That Scales With
Your Risk

Old pentests give you a yearly PDF. We give you a live system: continuous testing, real fixes, and reports your auditors trust. Pick the plan that fits you.

Company Logo
Company Logo
Company Logo
Company Logo
Trusted by 500+ companies in NZ, Australia, and the US.

TRUSTED BY INNOVATIVE COMPANIES

EROAD Logo
BlackPearl Logo
lawvu Logo
Parkable Logo
Cotiss Logo
PaySauce Logo
Apylid Logo
Datamasque Logo
Whip Around Logo
Devoli Logo
Kademi Logo
Rafay Logo
Partly Logo
Yabble Logo
orbit remit Logo
forsite Logo
cronberry Logo
Bonnet Logo
Zebpay Logo
Immerseme Logo
EROAD Logo
BlackPearl Logo
lawvu Logo
Parkable Logo
Cotiss Logo
PaySauce Logo
Apylid Logo
Datamasque Logo
Whip Around Logo
Devoli Logo
Kademi Logo
Rafay Logo
Partly Logo
Yabble Logo
orbit remit Logo
forsite Logo
cronberry Logo
Bonnet Logo
Zebpay Logo
Immerseme Logo

Estimate your cost in 30 seconds

Tell us what to secure and how to test it. Get a ballpark now, a scoped quote after a quick call.

1. What do you want to secure?

2. Estimate your cost

000.

ESTIMATED COST (USD)

$0USD

Free, no obligation.

Disclaimer: This is a guide, not a final quote. Book a short scoping call and we'll price your exact assets and depth.

4. Penetration Testing Options

One test or always-on? You choose.

One-Off Penetration Test

A comprehensive security assessment to uncover vulnerabilities before attackers can exploit them.

Expert-Led Assessment

Web, Mobile, API, and Network penetration testing by certified pros.

Actionable Security Report

Technical findings with board-ready executive summaries.

Retest & Validation

One round of retesting to verify your vulnerability fixes.

Subscription Penetration Testing

Continuous security testing that keeps pace with every release and infrastructure change.

Continuous Security Testing

Continuous penetration testing that scales with product releases.

Live Security Dashboard

Real-time dashboard for vulnerabilities, progress, and posture.

Unlimited Retesting

Unlimited retests to validate security fixes anytime.

Expert Security Team
Fast Turnaround
Confidential & Secure
Trusted by 500+ Companies

Pentesting Plans That Scale With You

Testing that grows with your product, customers, and compliance needs.

Compare Plans

Starter

Most Popular

Professional

Enterprise

Manual pentests
1 / year
2 / year (web + API)
Monthly or quarterly
Asset coverage
Web
Web + API
Web, Mobile, API, Cloud
Manual + automated
Compliance reports
Ready
SOC 2, ISO 27001, HIPAA
SOC 2, ISO 27001, HIPAA, GDPR, PCI-DSS
Retesting
30-day unlimited
Unlimited + triage
Priority + SLA
Real-time dashboard
Dev integrations
No
Pentester collaboration
No
In-platform
Dedicated lead
Remediation
Guidance
Triage
End-to-end
Support
Email
SLA-based
24/7 priority

Why teams choose Capture The Bug

Certified experts

OSCP, CEH, GWAPT pros, not a scanner.

Fast turnaround

results in days, not weeks.

Actionable reports

clear fixes with proof of concept.

Free retesting

we confirm your fixes hold.

Confidential

your data stays protected.

98% satisfaction.

High client retention and success rate.

How it works

01

Scope and plan

We map your environment and build a test plan.

02

Test and validate

Our experts run manual and automated testing.

03

Report and review

You get clear vulnerabilities, impact, and fixes.

04

Retest and verify

We confirm the fixes hold.

Subscription payment options

16% Discount

Annual Payment

Pay the full annual subscription fee upfront and save approximately 16% compared to monthly payments.

Perfect for : Organizations that prefer annual budget cycles and want maximum savings.

Monthly Payments

Pay a fixed monthly fee throughout the year for maximum flexibility in cash flow management.

Perfect for : Organizations that prefer smaller, predictable monthly payments.

What Our Clients Say

Easy to scope, schedule, and track in real time. No long email chains.

SB

Shai Bhula

CTO, Whip Around

Continuous pentesting has been a game-changer for us at LawVu.

SW

Sarah Webb

COO, LawVu

Continuous assurance and speed, without compromising depth.

JL

Jacques Labuschagne

CTO, PaySauce

I love the CTB format over traditional pen testing. Not sure I could go back.

LG

Lorraine Guerin

CPO, Yabble

We get actionable vulnerabilities much faster. It fits our workflows.

JP

Jeremy Peaks

Director of Engineering, EROAD

Quality service at a reasonable price for our compliance needs.

WT

Wesley Tuzza

DevOps Engineer, Kademi

Efficient, affordable, and proactive. It fortified our defenses.

NT

Nathan Taylor

COO, PARTLY

A thorough assessment with clear reporting and actionable fixes.

RG

Robbie Gill

Sr. Director of Engineering, Rafay Systems

On-demand programs with results in days. Our team triages right in the app.

JB

Jan Behrens

CTO, Devoli

Frequently asked questions

You ship code weekly. Attackers don't wait a year. Continuous testing keeps pace with your product, so security stays current instead of going stale.

By scope. Use the calculator for a ballpark, then book a call for an exact quote. One-off tests are billed per engagement. Subscriptions are monthly or annual, and annual saves about 16%.

Yes. They're ready for SOC 2, ISO 27001, and HIPAA. Enterprise adds GDPR and PCI-DSS with custom reporting.

Days, not weeks. You see vulnerabilities in real time on your dashboard.

Always. We confirm your fixes hold, with unlimited or priority retesting depending on your plan.

Real, manual testing by certified pentesters, backed by automation. Scanners miss the business-logic flaws that get you breached.

Security that works like you do.

Flexible, scalable PTaaS for modern product teams.