PTaaS by ContractShield

PTaaS (Penetration Testing as a Service) is a cloud-based platform that automates web application penetration testing using a DAST (Dynamic Application Security Testing) engine powered by over 8,000 detection templates. It identifies critical vulnerabilities including SQL injection, cross-site scripting (XSS), server misconfigurations, known CVEs, and more.

PTaaS offers three scan modes — Quick (3 minutes), Standard (30 minutes), and Full (1 hour+) — with scheduled scanning for continuous security monitoring. Each scan generates a detailed PDF report with risk scoring, execution timeline, and step-by-step remediation guidance.

The platform integrates natively with DevSecOps tools: Slack and Discord for real-time notifications with 9 configurable alert types, Jira and GitHub for automatic issue creation, a comprehensive REST API with Swagger documentation, and HMAC-SHA256 signed webhooks for CI/CD pipeline integration.

Authentication options include passwordless Magic Link, Google OAuth2, and GitHub OAuth2. Domain ownership is verified through DNS TXT records, file upload, or meta tags before scanning is permitted.

Pricing starts at €49/month (Starter: 10 scans, 3 targets), with Pro at €149/month (50 scans, 10 targets) and Business at €399/month (200 scans, 25 targets). One-time scan packs are also available.

PTaaS is protected by ContractShield WAF, demonstrating the company's confidence in its own security ecosystem. Built in Payerne, Switzerland.