Testing Credits

Testing credits to embed within your SDLC

Pre-purchased credits for various application and API security testing.

Embedding Security Into the SDLC

Shifting left is critical to the continued security in organizations. Most development is made better by moving security earlier in the process. But the traditional penetration testing of web applications and APIs doesn't fit well in the earlier stages of the software development lifecycle(SDLC).

Secure Ideas has created a process of testing credits to help solve these issues (especially when paired with SASTA). An organization is able to purchase credits to use over the next 24 months. These credits, combined with a self-scoping system, allows for an organization to work with Secure Ideas within their development processes. The testing credits can be used for:

  • Web applications
  • RESTFul APIs
  • Cloud-based applications

Once the credits are purchased, Secure Ideas works with the organization to embed the testing into the current processes. Most, if not all, of the testing associated with credits can start within 1-2 business days from the initial request. The client then receives the report as rapidly as possible.

Secure Ideas offers a discount table based on the numbers of credits purchased. This table outlines the discounts:

Discount Table

Test Credit Options


Purchase$2000Per Credit
  • SDLC Embed
  • Rapid Scheduling
  • OWASP® Top 10 Testing
  • Retesting Included
Request Service

SASTA + Credits

SASTA Pricing$10% off*per 5 Credits purchased
  • SDLC Embed
  • Rapid Scheduling
  • Includes additional webinar attendees
Request Service*50+ credits purchased provides free SASTA for 25 seats. Additional seats, call us

Pricing Model

Each pre-purchased credit is approximately one day of testing effort and is part of embedding the testing within the client organization's processes, such as their SDLC. The discounts offered for volume purchases and adding on the SASTA program are described in greater detail within the Prepaid Credit Guide Knowledge Center article.

Our Engagement Process

To enable us to embed our testing as efficiently as possible, we have created a unique process for our pre-purchased testing credits. Our engagement process is as follows:

  1. Scoping: Secure Ideas provides a self-scoping document to any pre-purchased test credit client. Using this document, the client is able to determine the number of credits necessary for the testing.
  2. Scheduling: Once you have scoped the work, we work with you to find a mutually agreeable time to perform the test. This scheduling typically happens within 1-2 business days.
  3. Testing: The next step is the obvious one, we begin testing. During the testing, we work with the client (typically via our Advisory slack workspace) to explain any findings and issues found during the test
  4. Delivery: After the testing is complete, we provide the report to the client. This will cover any findings discussed during testing as well as any others found. If you need a letter of attestation, then we'll get that to you as well.
  5. Retesting: If you remediate items from a test we performed, we are happy to test the changes to make sure they are done correctly.


Advisory Services?