1. What type of assessment is required?

< 500500 - 10001001 - 15001501 - 2000> 2000

2. What is the scope of assessment?


Assessment will be performed with credentials and architecture, design, and functional knowledge provided. Typically more comprehensive from a blackbox test, and provides a good representation of the current level of security of the application or network.


Assessment will be performed with from the point of view of a public user. Provides a good simulation of what a external attacker might do.

3. What is the key objective/trigger behind the request for services?

4. What is the environment the assessment would be conducted on?

* Applicable if there is a server backend or performing Network testing.


5. Where is the assessment target hosted on?

Infrastructure as a ServicePlatform as a ServiceSoftware as a ServiceDIY

6. What cloud systems are used, of any?


Microsoft Azure


7. What security products or measures have been taken so far?

Eg. Network: WAF, IP whitelisting, Cloudflare DDOS protection etc. Mobile App:

8. What are the standards/laws the target is subject to?

9. Are there any notable functions for the target?

Eg. XML upload, 3rd party payment provider APIs

10. What is the estimated user base of the target?

11. What is your email address?