Client Testimonials & Verified Penetration Testing Results
Pentest Testing Corp has completed thousands of penetration tests for more than 257 companies across six continents. The results on this page are real, collected from active engagements in healthcare, fintech, SaaS, and beyond. Where clients have consented to be named, we’ve included their full details. Where NDAs apply, we’ve retained outcomes and removed identifying information.
- 4.9 / 5 average rating across 120+ reviewed engagements
- 257+ companies served globally
- 18+ industries including healthcare, fintech, SaaS, and e-commerce
- Free retest included on all critical and high-severity findings
Clients span managed IT, dental & medical practice software, wealth management, food retail, and cloud platforms across North America, Europe, and beyond.
Engagements completed Thousands of tests across 257+ companies globally Free retest policy Included on all critical and high-severity findings, no exceptions Average client rating 4.9 / 5 across 120+ reviewed engagements Compliance reports delivered HIPAA · PCI DSS · SOC 2 · ISO 27001 · GDPR These engagements ran across healthcare platforms, payment APIs, SaaS applications, call center systems, and enterprise networks, across six continents. Every outcome block below reflects a real engagement. Where clients have consented to be named, their details are included; where NDAs apply, we’ve kept the findings and removed identifying information.
⭐ What Our Clients Say About Working With Us
The reviews below reflect engagements across web application testing, API security, network penetration testing, mobile app assessments, DFIR investigations, and compliance-focused testing for HIPAA, PCI DSS, SOC 2, and ISO 27001 environments.
27-sec client review 🎥
Hear a client explain, in 27 seconds, why our manual-led web & API pentests deliver clearer findings, faster remediation, and compliance-ready evidence. Includes a free 30-day retest to validate fixes.
67-sec DFIR client review 🎥
Hear a client explain, in 67 seconds, how our evidence-first DFIR investigation helped them respond to a Windows malware incident and suspicious Apple ID access. We reviewed logs and network evidence (including a Wireshark capture) to build a clear timeline, validate suspicious activity, and deliver practical containment + recovery steps.
Security work is often sensitive by nature. Some clients operate under strict NDAs and can’t be named publicly; we respect that without question. For prospective clients who want a direct reference conversation, we can arrange one on request.
WEB APPLICATION & API PENETRATION TESTING
Engagement 01 Service: Web Application Penetration Testing Industry: SaaS – Software Development
“It was a pleasure working with Pentest Testing Corp. They delivered a high-quality penetration test for our web application with excellent attention to detail, professional communication, and fast turnaround time. What impressed me most was their honesty and professionalism throughout the engagement. The final security report was detailed, official, and highly valuable for our internal security improvements.” ~ Amiram Amsalem, Ofekpoint Software
Engagement 02 Service: API Penetration Testing (Windows Application) Industry: SaaS – Productivity Tools
“Pentest Testing Corp delivered an excellent API penetration testing engagement for our Windows application. The assessment identified important security weaknesses and provided clear, actionable remediation guidance for our development team. Communication was smooth from start to finish, and the final report helped us significantly improve the security posture of our application and backend APIs.” ~ Willy Danenberg, AltoChange Kanban
Engagement 03 Service: API Penetration Testing (Call Center Platform) Industry: Communications Technology
“Pentest Testing Corp conducted a comprehensive API penetration test for our call center platform with a high level of professionalism and technical expertise. The assessment was detailed, efficient, and uncovered important security issues that helped us strengthen the protection of our APIs and backend systems.” ~ Davide Balzamo, Sidial
Engagement 04 Service: Gray-Box Application Penetration Testing Industry: Technology – Software Platform
“Pentest Testing Corp conducted a highly detailed gray-box penetration test for our application and delivered exceptional results. The assessment identified important vulnerabilities and provided clear, actionable remediation guidance that helped us improve the overall security of our platform.” ~ Marcelo Felipe T., Mattzero
NETWORK PENETRATION TESTING
Engagement 05 Service: Internal Network Penetration Testing Industry: SMB – Retail / Professional Services
Testing identified internal network segmentation gaps alongside exposed management interfaces running default credentials on network devices. Findings were prioritized by exploitability. The client confirmed all hardening steps were completed within the engagement window.
“Pentest Testing Corp performed a highly professional network penetration test for our small business and delivered exceptional results. The assessment was thorough, well-structured, and helped us identify important security weaknesses within our network infrastructure.” ~ Maria Luisa P.
COMPLIANCE-DRIVEN ENGAGEMENTS
Service: HIPAA Security Assessment Industry: Healthcare – Dental Practice Management Software
A HIPAA-aligned assessment of a patient data platform tested access controls, data transmission security, and audit logging completeness. Findings included insufficient encryption of data at rest and inadequate role-based access controls, both with direct implications under the HIPAA Security Rule. All issues were remediated with documented evidence suitable for compliance review.
“Pentest Testing Corp conducted a comprehensive HIPAA-focused security assessment for Dentallive Planner with outstanding professionalism and technical expertise. Md Shofiur demonstrated a deep understanding of healthcare security requirements, identifying vulnerabilities that could have impacted sensitive patient data and compliance standards. The testing process was detailed, well-structured, and the final report provided clear remediation guidance that was easy for our development team to implement. Communication throughout the engagement was excellent, and the overall experience exceeded our expectations.” ~ Safiulla M, Dentallive Planner
Service: Security Assessment & Consultation Industry: MarTech – Digital Advertising
A review of internal tooling and cloud-hosted infrastructure surfaced misconfigured access policies and credential management gaps. Findings were prioritized by business risk, and the team received a remediation plan they could execute independently without additional consulting time.
“Pentest Testing Corp provided outstanding cybersecurity consultation services with a high level of professionalism and technical expertise. Their ability to quickly assess security concerns, explain risks clearly, and recommend practical solutions made the entire process extremely valuable for our team.” ~ Hatem Ben Gamra, Dreamy PPC
AI APPLICATION SECURITY
Service: AI Application Security Review Industry: SaaS – Scheduling Platform
The review assessed an AI-powered scheduling application for prompt injection exposure, unauthorized data retrieval through model outputs, and insecure API integrations feeding user data into the model layer. Input validation gaps were identified that could allow user-controlled content to influence model behavior outside intended parameters. Controls were implemented before the public launch.
“Pentest Testing Corp conducted a detailed and professional security review for our AI application. The assessment was thorough, clearly documented, and provided valuable insights that helped us improve our platform’s overall security posture.” ~ Dani Louison, MySchedule
DIGITAL FORENSICS & INCIDENT RESPONSE
Service: Windows Endpoint DFIR Investigation Industry: Individual – Persistent Endpoint Compromise
The engagement involved a Windows system with a recurring compromise that multiple prior remediation attempts, including reimages, had failed to resolve. Forensic analysis identified a rootkit-level persistence mechanism and lateral credential access that survived reimaging. A full containment and recovery plan was delivered; the system was confirmed clean following implementation.
“I was dealing with a highly sophisticated and persistent security compromise on my Windows PC, and after months of trying multiple local services without success, they were finally able to identify how the attack was happening and secure my system properly. Their expertise in cybersecurity is truly impressive, and I highly recommend them to anyone needing serious security assistance.” ~ Denise Martin
Service: DFIR Investigation – Malware & Unauthorized Account Access Industry: SMB
(Video review — 67 seconds)
Network log analysis and Wireshark capture review confirmed active malware on Windows endpoints alongside unauthorized Apple ID access from unrecognized geolocations. The investigation established a clear incident timeline, validated the scope of compromise, and produced containment and recovery steps actionable within the same business day.
Our Latest Research & Articles
Practical security research and playbooks focused on real attack paths in web apps and APIs.
