Buying guide

Penetration testing subscription vs one-off pentest

One-off penetration tests still make sense for fixed scopes and infrequent releases. A subscription makes more sense when your product, cloud, APIs and compliance evidence change throughout the year.

When a one-off pentest works

A one-off test is useful for a defined release, a single customer request or a narrow audit requirement. The limitation is that evidence starts ageing as soon as your product changes.

When a subscription works better

A subscription fits teams with frequent releases, multiple assets and recurring compliance evidence needs. It lets you test one active scope at a time without restarting procurement for every change.

  • Web app this month, API next month, cloud review after a migration
  • Retesting included so findings can be closed properly
  • Evidence refreshed across the year instead of once annually
  • Predictable budget for security and compliance planning

How to compare pricing fairly

Compare the number of likely scopes, retesting, reporting quality, senior tester access and procurement overhead. The cheapest one-off quote is not always cheaper once fixes and new releases are included.

FAQ

Common questions

Is a subscription always better than a one-off pentest?

No. If you only need one narrow scope per year, a one-off test may be enough. Subscriptions are strongest when testing needs repeat across the year.

Can a subscription support compliance audits?

Yes. It can produce more current evidence across web, API, cloud and infrastructure changes, with retesting included.

How many tests can run at once?

Darkside runs one active test at a time on the core subscription, with enterprise options for multiple concurrent tests.

Your next test could start in ten days.

A 30-minute call. We’ll scope your first test on it.

Book a call