Penetration Test

Partner or auditor asking for a pentest?

Federacy Assessments can satisfy compliance requirements or provide an initial view of security posture, utilizing the OWASP Top 10, Testing Guide, and/or Application Security Verification Standard.


Federacy combines automated scanning with small teams of talented security researchers. We focus on vulnerability chaining, business logic, authentication and authorization.

OWASP Application Security Verification Standard


  • Review prioritized vulnerability reports within your Federacy Security Inbox
  • Get remediation advice through a dedicated Slack/Teams/Keybase channel
  • Receive free retests & fix validation
  • Export a real time progress report, on-demand
Federacy vulnerability inbox

Top tier researchers

All Federacy researchers are hand-picked and vetted. They collectively offer a diverse skill set that covers essentially every technology and framework.

From academics to CISOs, full-time bug bounty hunters to professional pentesters, our researchers have studied or worked at such institutions as MIT, Carnegie Mellon, CERT, PricewaterhouseCoopers, Google and Twitter.